summaryrefslogtreecommitdiff
path: root/src/tmpfiles/tmpfiles.c
Commit message (Collapse)AuthorAgeFilesLines
* shared: clean up mkdir.h/label.h situationLennart Poettering2021-11-161-1/+1
| | | | | | | | | | Previously the mkdir_label() family of calls was implemented in src/shared/mkdir-label.c but its functions partly declared ins src/shared/label.h and partly in src/basic/mkdir.h (!!). That's weird (and wrong). Let's clean this up, and add a proper mkdir-label.h matching the .c file.
* tree-wide: use new RET_NERRNO() helper at various placesLennart Poettering2021-11-161-6/+5
|
* Make pager_open() return voidZbigniew Jędrzejewski-Szmek2021-11-031-1/+1
|
* basic: spit out chase_symlinks() from fs-util.[ch] → chase-symlinks.[ch]Lennart Poettering2021-10-051-0/+1
|
* tmpfiles: minor modernizationYu Watanabe2021-09-051-20/+6
|
* tree-wide: port things over to FORMAT_PROC_FD_PATH()Lennart Poettering2021-08-191-16/+7
|
* Drop the text argument from assert_not_reached()Zbigniew Jędrzejewski-Szmek2021-08-031-3/+3
| | | | | | | | | | | | | | | | | In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
* Merge pull request #20109 from keszybz/timestamp-macrosYu Watanabe2021-07-141-13/+7
|\ | | | | Add macros that define scratch buffer internally for timestamp/timespan formatting
| * tree-wide: add FORMAT_TIMESTAMP_STYLE()Zbigniew Jędrzejewski-Szmek2021-07-091-13/+7
| |
* | tree-wide: make cunescape*() functions return ssize_tZbigniew Jędrzejewski-Szmek2021-07-091-14/+16
|/ | | | | Strictly speaking, we are returning the size of a memory chunk of arbitrary size, so ssize_t is more appropriate than int.
* chattr-util: generalize chattr manipulation for files with secrets from ↵Lennart Poettering2021-07-081-1/+1
| | | | | | | | | | | journalctl This moves the code for setting chattr file attributes appropriate for "secrets" files from journalctl into generic chattr-util.c code so that we can use it elsewhere. Also, let's reuse the "bitwise" logic already implemented in the chattr code, instead of doing it again.
* tmpfiles: fix borked assertZbigniew Jędrzejewski-Szmek2021-07-061-4/+4
| | | | | | | | | | It seems that fd_set_perms() is always called after checking that fd >= 0 (also when called as action() in glob_item_recursively()), so it seems that the assertion really came from fd==0. Fixes #20140. Also three other similar cases are updated.
* tree-wide: make specifier expansion --root= awareLennart Poettering2021-06-241-13/+29
| | | | | | | | | | | | | | | | | | | | | | This fixes repart's, systemctl's, sysusers' and tmpfiles' specifier expansion to honour the root dir specified with --root=. This is relevant for specifiers such as %m, %o, … which are directly sourced from files on disk. This doesn't try to be overly smart: specifiers referring to runtime concepts (i.e. boot ID, architecture, hostname) rather than files on the medium are left as is. There's certainly a point to be made that they should fail in case --root= is specified, but I am not entirely convinced about that, and it's certainly something we can look into later if there's reason to. I wondered for a while how to hook this up best, but given that quite a large number of specifiers resolve to data from files on disks, and most of our tools needs this, I ultimately decided to make the root dir a first class parameter to specifier_printf(). Replaces: #16187 Fixes: #16183
* tmpfile: always get file descriptor of root or current directoryYu Watanabe2021-06-101-6/+4
| | | | Fixes CID#1457467.
* tmpfile: several minor coding style fixesYu Watanabe2021-06-091-18/+20
| | | | | | | | This makes the followings: - reduces scope of variables, - drop unnecessary 'else' - use CLOSE_AND_REPLACE() macro - use strnull() for possible NULL string
* tmpfiles: extend "Age" to accept an "age-by" argumentSrinidhi Kaushik2021-06-081-64/+201
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For "systemd-tmpfiles --cleanup", when the "Age" parameter is specified, the criteria for deletion is determined from the path's last modification timestamp ("mtime"), its last access timestamp ("atime") and its last status change timestamp ("ctime"). For instance, if one of those paths to be cleaned up are opened, it results in the modification of "atime", which results file system entry to not be removed because the default aging algorithm would skip the entry. Add an optional "age-by" argument by extending the "Age" parameter to restrict the clean-up for a particular type of file timestamp, which can be specified in "tmpfiles.d" as follows: [age-by:]cleanup-age, where age-by is "[abcmACBM]+" For example: d /foo/bar - - - abM:1m - Would clean-up any files that were not accessed and created, or directories that were not modified less than a minute ago in "/foo/bar". Fixes: #17002
* tmpfiles: add '=' action modifier.Allen Webb2021-06-081-15/+201
| | | | | | | | | | | Add the '=' action modifier that instructs tmpfiles.d to check the file type of a path and remove objects that do not match before trying to open or create the path. BUG=chromium:1186405 TEST=./test/test-systemd-tmpfiles.py "$(which systemd-tmpfiles)" Change-Id: If807dc0db427393e9e0047aba640d0d114897c26
* tmpfiles: do not check if unresolved globs are autofs pathsZbigniew Jędrzejewski-Szmek2021-06-041-2/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the previous commit, we would not complain about the not-found path, but the check is still not useful. We use a libc function to resolve the glob, and it has no notion of treating autofs specially. So we can't avoid touching autofs when resolving globs. But usually the glob is found in the last component of the path, so if we strip the glob part, we can still do a useful check in many cases. (E.g. if /var/tmp is on autofs, something like "/var/tmp/<glob>" is much more likely than "/var/<glob-that-matches-tmp>/<something>".) With the system config in F34, we check the following prefixes: /var/tmp/abrt/* → /var/tmp/abrt/ /run/log/journal/08a5690a2eed47cf92ac0a5d2e3cf6b0/*.journal* → /run/log/journal/08a5690a2eed47cf92ac0a5d2e3cf6b0/ /var/lib/systemd/coredump/.#core*.21e5c6c28c5747e6a4c7c28af9560a3d* → /var/lib/systemd/coredump/ /tmp/podman-run-* → /tmp/ /tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-*/tmp → /tmp/ /tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-* → /tmp/ /tmp/containers-user-* → /tmp/ /var/tmp/beakerlib-* → /var/tmp/ /var/tmp/dnf*/locks/* → /var/tmp/ /var/tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-*/tmp → /var/tmp/ /var/tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-* → /var/tmp/ /var/tmp/abrt/* → /var/tmp/abrt/ /var/tmp/beakerlib-* → /var/tmp/ /var/tmp/dnf*/locks/* → /var/tmp/ /tmp/podman-run-* → /tmp/ /tmp/containers-user-* → /tmp/ /tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-* → /tmp/ /tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-*/tmp → /tmp/ /var/tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-* → /var/tmp/ /var/tmp/systemd-private-21e5c6c28c5747e6a4c7c28af9560a3d-*/tmp → /var/tmp/ /var/lib/systemd/coredump/.#core*.21e5c6c28c5747e6a4c7c28af9560a3d* → /var/lib/systemd/coredump/ /run/log/journal/08a5690a2eed47cf92ac0a5d2e3cf6b0/*.journal* → /run/log/journal/08a5690a2eed47cf92ac0a5d2e3cf6b0/
* tmpfiles: stop complaining about autofs on not-found pathsZbigniew Jędrzejewski-Szmek2021-06-021-1/+1
| | | | | | | | | | | | | | | | systemd-tmpfiles[328]: Failed to determine whether '/run/cryptsetup' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/etc/resolv.conf' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/lock/subsys' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/setrans' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/console' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/faillock' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/sepermit' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/motd.d' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/motd.d' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/motd' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/run/nologin' is below autofs, ignoring: No such file or directory systemd-tmpfiles[328]: Failed to determine whether '/var/lib/systemd/pstore' is below autofs, ignoring: No such file or directory ... and so on and so on.
* tree-wide: always drop unnecessary dot in pathYu Watanabe2021-05-281-3/+3
|
* alloc-util: simplify GREEDY_REALLOC() logic by relying on malloc_usable_size()Lennart Poettering2021-05-191-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | We recently started making more use of malloc_usable_size() and rely on it (see the string_erase() story). Given that we don't really support sytems where malloc_usable_size() cannot be trusted beyond statistics anyway, let's go fully in and rework GREEDY_REALLOC() on top of it: instead of passing around and maintaining the currenly allocated size everywhere, let's just derive it automatically from malloc_usable_size(). I am mostly after this for the simplicity this brings. It also brings minor efficiency improvements I guess, but things become so much nicer to look at if we can avoid these allocation size variables everywhere. Note that the malloc_usable_size() man page says relying on it wasn't "good programming practice", but I think it does this for reasons that don't apply here: the greedy realloc logic specifically doesn't rely on the returned extra size, beyond the fact that it is equal or larger than what was requested. (This commit was supposed to be a quick patch btw, but apparently we use the greedy realloc stuff quite a bit across the codebase, so this ends up touching *a*lot* of code.)
* tree-wide: refuse too long strings earlier in specifier_printf()Yu Watanabe2021-05-121-3/+3
| | | | | | | | | | | | We usually call specifier_printf() and then check the validity of the result. In many cases, validity checkers, e.g. path_is_valid(), refuse too long strings. This makes specifier_printf() refuse such long results earlier. Moreover, unit_full_string() and description field in sysuser now refuse results longer than LONG_LINE_MAX. config_parse() already refuses the line longer than LONG_LINE_MAX. Hence, it should be ok to set the same value as the maximum length of the resolved string.
* fileio: optionally, return discovered path of file in search_and_fopen()Lennart Poettering2021-05-071-2/+5
|
* tree-wide: enable automatic growing of file systems in images in various ↵Lennart Poettering2021-04-231-1/+2
| | | | | | | | | | tools that deal with OS images Let's enable this in all tools that intend to write to the OS images. It's not conditionalized for now, as there already is conditionalization in the existance or absence of the flag in the GPT partition table (and it's opt-in), hence it should be OK to just enable this by default for now if the flag is set.
* Merge pull request #19164 from mmatsuya/mainYu Watanabe2021-04-111-20/+30
|\ | | | | tmpfiles: use a entry in hashmap as ItemArray in read_config_file()
| * tmpfiles: rework condition checkZbigniew Jędrzejewski-Szmek2021-04-081-3/+8
| | | | | | | | | | | | (!a && b) || (a && c) is replaced by (a ? c : b). path_startswith() != NULL is need to avoid type warning.
| * tmpfiles: use a entry in hashmap as ItemArray in read_config_file()Masahiro Matsuya2021-04-081-20/+25
| | | | | | | | | | | | | | [zjs: squash commits and use size_t as appropriate. Bug seems to have been introduced in 811a15877825da9e53f9a2a8603da34589af6bbb. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1944468.]
* | tmpfiles: make handling of existing-but-different targets more consistentZbigniew Jędrzejewski-Szmek2021-04-081-10/+11
|/ | | | | | | | | | | | | | | | | | | | | create_fifo() was added in a2fc2f8dd30c17ad1e23a31fc6ff2aeba4c6fa27, and would always ignore failure. The test was trying to fail in this case, but we actually don't fail, which seems to be correct. We didn't notice before because the test was ineffective. To make things consistent, generally log at warning level, but don't propagate the error. For symlinks, log at debug level, as before. For 'e', failure is not propagated now. The test is adjusted to match. I think warning is appropriate in most cases: we do not expect a device node to be replaced by a different device node or even a non-device file. This would most likely be an error somewhere. An exception is made for symlinks, which are mismatched on purpose, for example /etc/resolv.conf. With this patch, we don't get any warnings with the any of the 74 tmpfiles.d files, which suggests that increasing the warning levels will not cause too many unexpected warnings. If it turns out that there are valid cases where people have expected mismatches for non-symlink types, we can always decrease the log levels again.
* dissect-image: split DISSECT_IMAGE_REQUIRE_ROOT in twoLennart Poettering2021-03-161-1/+5
| | | | | | | | | | | | Previously, the flag did two things at once: enable support for using generic partitions as root fs if there were only one/allow use of partition-table-less images as root fs. And secondly, insist that there was a rootfs, and fail if not. Let's split these two in two separate options so that they can be used independently of each other. There are cases where one wants to use one without the other (i.e. when inspecting things with systemd-dissect tool it should be OK to do so even if image has no root fs), and it's cleaner anyway.
* Move and rename parse_path_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-2/+3
| | | | | This fits better in shared/, and the new parse-argument.c file is a good home for it.
* tmpfiles: explicitly say we need /proc/ to runLennart Poettering2021-02-101-0/+10
| | | | | | | | | | | | | | | | | I don't think it's realistic to operate without /proc/. Hence, let's make this explicit. If one day someone finds a way to do what we need without /proc/ we can certainly drop this check again, but for now I think it's a lot friendlier to users to make this explicitly early on instead continuing to run and then not do what we need to do, oftentimes failing in cryptic ways. After all, invoking the tool without /proc/ is not an error that was specific to some of the lines we process, but it's systematic error that will show its ugly face in many codepaths down the line. Fixes: #14745
* tmpfiles: v/q/Q: Add env var to skip check for rootfs in subvolumeAdrian Vovk2021-02-101-2/+8
|
* tree-wide: use -EINVAL for enum invalid valuesZbigniew Jędrzejewski-Szmek2021-02-101-1/+1
| | | | | | | | | As suggested in https://github.com/systemd/systemd/pull/11484#issuecomment-775288617. This does not touch anything exposed in src/systemd. Changing the defines there would be a compatibility break. Note that tests are broken after this commit. They will be fixed in the next one.
* tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-02-011-1/+1
| | | | It may be useful when debugging daemons.
* tree-wide: Drop custom formatting for print() help messagesDaan De Meyer2021-01-311-5/+5
| | | | | | | | | | | | I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
* tmpfiles: add ANSI highlighting to our help textLennart Poettering2021-01-121-2/+4
| | | | As it is common now in our tools.
* string-util: imply NULL termination of strextend() argument listLennart Poettering2021-01-061-1/+1
| | | | | The trailing NULL in the argument list is now implied (similar to what we already have in place in strjoin()).
* tmpfiles: fix typoYu Watanabe2020-12-191-1/+1
| | | | Follow-up for 94566540e3863032df3a8a89f948b94d764ca2b4.
* tmpfiles: try to set file attributes one by oneYu Watanabe2020-12-181-5/+9
| | | | Closes #17690.
* tree-wide: sort specifiers and move common comments to specifier.hYu Watanabe2020-11-251-7/+9
|
* specifiers: introduce common macros for generating specifier tablesLennart Poettering2020-11-251-6/+2
| | | | | | | | | | | | | In many cases the tables are largely the same, hence define a common set of macros to generate the common parts. This adds in a couple of missing specifiers here and there, so is more thant just refactoring: it actually fixes accidental omissions. Note that some entries that look like they could be unified under these macros can't really be unified, since they are slightly different. For example in the DNSSD service logic we want to use the DNSSD hostname for %H rather than the unmodified kernel one.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* tmpfiles: Handle filesystems without ACL support in more cases.Pat Coulthard2020-10-261-11/+16
|
* Merge pull request #17297 from ↵Michael Biebl2020-10-201-2/+12
|\ | | | | | | | | keszybz/tmpfiles-sysusers-disable-standalone-image tmpfiles,sysusers: disable --image= support in standalone versions
| * tmpfiles,sysusers: disable --image= support in standalone versionsZbigniew Jędrzejewski-Szmek2020-10-091-2/+12
| | | | | | | | Fixes #17278.
* | tmpfiles: no need to specify a synthetic error code if we don't propagate itLennart Poettering2020-10-191-1/+1
| |
* | tree-wide: assorted coccinelle fixesFrantisek Sumsal2020-10-091-12/+12
|/
* tree-wide: fix typos found by codespellFrantisek Sumsal2020-09-141-1/+1
| | | | Reported by Fossies.org
* Merge pull request #16933 from poettering/copy-hardlinksZbigniew Jędrzejewski-Szmek2020-09-101-1/+1
|\ | | | | copy: optionally recreate hardlinks when copying file trees
| * tree-wide: copy hardlinks wherever we deal with possibly large OS-style treesLennart Poettering2020-09-091-1/+1
| | | | | | | | Fixes: #7382
View Lorry Controller Status