From 05f05a06cd1d72b4bfcbf565d12ea3107187f66d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 14:48:52 +0100 Subject: mkdir: tighten permission check Let's complain about any bit that is set in the existing inode but no in the mask we are supposed to use. --- src/basic/mkdir.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c index 41638f7a81..4a0c48b8af 100644 --- a/src/basic/mkdir.c +++ b/src/basic/mkdir.c @@ -56,9 +56,8 @@ int mkdir_safe_internal( if (!S_ISDIR(st.st_mode)) return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(ENOTDIR), "Path \"%s\" already exists and is not a directory, refusing.", path); - if ((st.st_mode & 0007) > (mode & 0007) || - (st.st_mode & 0070) > (mode & 0070) || - (st.st_mode & 0700) > (mode & 0700)) + + if ((st.st_mode & ~mode & 0777) != 0) return log_full_errno(flags & MKDIR_WARN_MODE ? LOG_WARNING : LOG_DEBUG, SYNTHETIC_ERRNO(EEXIST), "Directory \"%s\" already exists, but has mode %04o that is too permissive (%04o was requested), refusing.", path, st.st_mode & 0777, mode); -- cgit v1.2.1 From c7e715096f04fcb1b88e844b7eed52f3e41b9f8b Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 14:49:34 +0100 Subject: mkdir: make sure mode is set --- src/basic/mkdir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c index 4a0c48b8af..7aaaae0f0d 100644 --- a/src/basic/mkdir.c +++ b/src/basic/mkdir.c @@ -27,6 +27,7 @@ int mkdir_safe_internal( int r; assert(path); + assert(mode != MODE_INVALID); assert(_mkdir && _mkdir != mkdir); if (_mkdir(path, mode) >= 0) { -- cgit v1.2.1 From 1e146d738232acbe7f72903e9c5e4d1166ea67f5 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 14:49:49 +0100 Subject: mkdir: use chase_symlinks_and_stat() where appropriate --- src/basic/mkdir.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c index 7aaaae0f0d..431f5d2306 100644 --- a/src/basic/mkdir.c +++ b/src/basic/mkdir.c @@ -42,16 +42,13 @@ int mkdir_safe_internal( if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) { _cleanup_free_ char *p = NULL; - r = chase_symlinks(path, NULL, CHASE_NONEXISTENT, &p, NULL); + r = chase_symlinks_and_stat(path, NULL, CHASE_NONEXISTENT, &p, &st, NULL); if (r < 0) return r; if (r == 0) return mkdir_safe_internal(p, mode, uid, gid, flags & ~MKDIR_FOLLOW_SYMLINK, _mkdir); - - if (lstat(p, &st) < 0) - return -errno; } if (!S_ISDIR(st.st_mode)) -- cgit v1.2.1 From d1cd465e21eb3fd100819378e906483dded1ce71 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:12:23 +0100 Subject: smack make mac_smack_fix_at() useful when called with dir_fd=AT_FDCWD --- src/shared/smack-util.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c index d7fbbdc913..b8434b068c 100644 --- a/src/shared/smack-util.c +++ b/src/shared/smack-util.c @@ -176,7 +176,7 @@ static int smack_fix_fd(int fd, const char *abspath, LabelFixFlags flags) { return 0; } -int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) { +int mac_smack_fix_at(int dir_fd, const char *path, LabelFixFlags flags) { _cleanup_free_ char *p = NULL; _cleanup_close_ int fd = -1; int r; @@ -186,7 +186,14 @@ int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) { if (!mac_smack_use()) return 0; - fd = openat(dirfd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH); + if (dir_fd < 0) { + if (dir_fd != AT_FDCWD) + return -EBADF; + + return mac_smack_fix(path, flags); + } + + fd = openat(dir_fd, path, O_NOFOLLOW|O_CLOEXEC|O_PATH); if (fd < 0) { if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT) return 0; -- cgit v1.2.1 From fc0f4d602429d5080df86af68e9aafa593572962 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:13:37 +0100 Subject: selinux: make mac_selinux_create_file_prepare() at wrapper around _at() Let's make sure mac_selinux_create_file_prepare_at() works fine with AT_FDCWD, and then make mac_selinux_create_file_prepare() just a inline wrapper around it. --- src/shared/selinux-util.c | 38 +++++++++++--------------------------- src/shared/selinux-util.h | 5 ++++- 2 files changed, 15 insertions(+), 28 deletions(-) diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c index 5745fe09a2..a1359a5bfd 100644 --- a/src/shared/selinux-util.c +++ b/src/shared/selinux-util.c @@ -497,25 +497,30 @@ static int selinux_create_file_prepare_abspath(const char *abspath, mode_t mode) } #endif -int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode) { +int mac_selinux_create_file_prepare_at( + int dir_fd, + const char *path, + mode_t mode) { + #if HAVE_SELINUX _cleanup_free_ char *abspath = NULL; int r; - assert(path); + if (dir_fd < 0 && dir_fd != AT_FDCWD) + return -EBADF; if (!label_hnd) return 0; - if (!path_is_absolute(path)) { - if (dirfd == AT_FDCWD) + if (isempty(path) || !path_is_absolute(path)) { + if (dir_fd == AT_FDCWD) r = safe_getcwd(&abspath); else - r = fd_get_path(dirfd, &abspath); + r = fd_get_path(dir_fd, &abspath); if (r < 0) return r; - if (!path_extend(&abspath, path)) + if (!isempty(path) && !path_extend(&abspath, path)) return -ENOMEM; path = abspath; @@ -527,27 +532,6 @@ int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode) #endif } -int mac_selinux_create_file_prepare(const char *path, mode_t mode) { -#if HAVE_SELINUX - int r; - - _cleanup_free_ char *abspath = NULL; - - assert(path); - - if (!label_hnd) - return 0; - - r = path_make_absolute_cwd(path, &abspath); - if (r < 0) - return r; - - return selinux_create_file_prepare_abspath(abspath, mode); -#else - return 0; -#endif -} - int mac_selinux_create_file_prepare_label(const char *path, const char *label) { #if HAVE_SELINUX diff --git a/src/shared/selinux-util.h b/src/shared/selinux-util.h index 4147a3ad50..a9ddbfc653 100644 --- a/src/shared/selinux-util.h +++ b/src/shared/selinux-util.h @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once +#include #include #include #include @@ -41,8 +42,10 @@ int mac_selinux_get_our_label(char **label); int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **label); char* mac_selinux_free(char *label); -int mac_selinux_create_file_prepare(const char *path, mode_t mode); int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode); +static inline int mac_selinux_create_file_prepare(const char *path, mode_t mode) { + return mac_selinux_create_file_prepare_at(AT_FDCWD, path, mode); +} int mac_selinux_create_file_prepare_label(const char *path, const char *label); void mac_selinux_create_file_clear(void); -- cgit v1.2.1 From 3bb5ecaa88499a9ddab6afd61398b17393173e8d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:14:52 +0100 Subject: mkdir-label: make mkdir_label() a wrapper around mkdirat_label() --- src/shared/label.h | 7 ++++++- src/shared/mkdir-label.c | 17 ----------------- 2 files changed, 6 insertions(+), 18 deletions(-) diff --git a/src/shared/label.h b/src/shared/label.h index b5118d96d3..b198e140d0 100644 --- a/src/shared/label.h +++ b/src/shared/label.h @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once +#include #include #include @@ -14,8 +15,12 @@ static inline int label_fix(const char *path, LabelFixFlags flags) { return label_fix_container(path, path, flags); } -int mkdir_label(const char *path, mode_t mode); int mkdirat_label(int dirfd, const char *path, mode_t mode); + +static inline int mkdir_label(const char *path, mode_t mode) { + return mkdirat_label(AT_FDCWD, path, mode); +} + int symlink_label(const char *old_path, const char *new_path); int symlink_atomic_label(const char *from, const char *to); int mknod_label(const char *pathname, mode_t mode, dev_t dev); diff --git a/src/shared/mkdir-label.c b/src/shared/mkdir-label.c index 9565117b92..9e2f863535 100644 --- a/src/shared/mkdir-label.c +++ b/src/shared/mkdir-label.c @@ -12,23 +12,6 @@ #include "smack-util.h" #include "user-util.h" -int mkdir_label(const char *path, mode_t mode) { - int r; - - assert(path); - - r = mac_selinux_create_file_prepare(path, S_IFDIR); - if (r < 0) - return r; - - r = mkdir_errno_wrapper(path, mode); - mac_selinux_create_file_clear(); - if (r < 0) - return r; - - return mac_smack_fix(path, 0); -} - int mkdirat_label(int dirfd, const char *path, mode_t mode) { int r; -- cgit v1.2.1 From 3f692e2ece5fce59b51ec7ec7c77d0ce2d47ee55 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:16:19 +0100 Subject: tree-wide: don't use mkdir_errno_wrapper() without reason Simple mkdir() is fine, too, no need to use the wrapper --- src/nspawn/nspawn.c | 6 +++--- src/shared/cgroup-setup.c | 2 +- src/udev/udevd.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 8098d37962..e23d042b57 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1887,7 +1887,7 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid int r; q = prefix_roota(root, path); - r = mkdir_errno_wrapper(q, mode); + r = RET_NERRNO(mkdir(q, mode)); if (r == -EEXIST) return 0; if (r < 0) @@ -2341,7 +2341,7 @@ static int setup_pts(const char *dest) { /* Mount /dev/pts itself */ p = prefix_roota(dest, "/dev/pts"); - r = mkdir_errno_wrapper(p, 0755); + r = RET_NERRNO(mkdir(p, 0755)); if (r < 0) return log_error_errno(r, "Failed to create /dev/pts: %m"); @@ -2666,7 +2666,7 @@ static int setup_journal(const char *directory) { /* don't create parents here — if the host doesn't have * permanent journal set up, don't force it here */ - r = mkdir_errno_wrapper(p, 0755); + r = RET_NERRNO(mkdir(p, 0755)); if (r < 0 && r != -EEXIST) { if (try) { log_debug_errno(r, "Failed to create %s, skipping journal setup: %m", p); diff --git a/src/shared/cgroup-setup.c b/src/shared/cgroup-setup.c index 2221fd07c2..8bda66ca36 100644 --- a/src/shared/cgroup-setup.c +++ b/src/shared/cgroup-setup.c @@ -292,7 +292,7 @@ int cg_create(const char *controller, const char *path) { if (r < 0) return r; - r = mkdir_errno_wrapper(fs, 0755); + r = RET_NERRNO(mkdir(fs, 0755)); if (r == -EEXIST) return 0; if (r < 0) diff --git a/src/udev/udevd.c b/src/udev/udevd.c index beec6e62e7..d37652db67 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c @@ -1933,7 +1933,7 @@ int run_udevd(int argc, char *argv[]) { if (r < 0) return r; - r = mkdir_errno_wrapper("/run/udev", 0755); + r = RET_NERRNO(mkdir("/run/udev", 0755)); if (r < 0 && r != -EEXIST) return log_error_errno(r, "Failed to create /run/udev: %m"); -- cgit v1.2.1 From ed304a5d73389023a542841faeb277ccca798549 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:18:06 +0100 Subject: mkdir: drop mkdir_errno_wrapper(), use mkdirat_errno_wrapper() instead Let's reduce our code duplication, and let's focus on using xyzat() style APIs more, hence drop mkdir_errno_wrapper() and stick to mkdirar_errno_wrapper() wherever we can, it's a true superset of functionality after all. --- src/basic/mkdir.c | 38 +++++++++++++++++--------------------- src/basic/mkdir.h | 9 ++++----- src/shared/mkdir-label.c | 6 +++--- 3 files changed, 24 insertions(+), 29 deletions(-) diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c index 431f5d2306..6e2b94d024 100644 --- a/src/basic/mkdir.c +++ b/src/basic/mkdir.c @@ -21,16 +21,16 @@ int mkdir_safe_internal( mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, - mkdir_func_t _mkdir) { + mkdirat_func_t _mkdirat) { struct stat st; int r; assert(path); assert(mode != MODE_INVALID); - assert(_mkdir && _mkdir != mkdir); + assert(_mkdirat && _mkdirat != mkdirat); - if (_mkdir(path, mode) >= 0) { + if (_mkdirat(AT_FDCWD, path, mode) >= 0) { r = chmod_and_chown(path, mode, uid, gid); if (r < 0) return r; @@ -48,7 +48,7 @@ int mkdir_safe_internal( if (r == 0) return mkdir_safe_internal(p, mode, uid, gid, flags & ~MKDIR_FOLLOW_SYMLINK, - _mkdir); + _mkdirat); } if (!S_ISDIR(st.st_mode)) @@ -76,24 +76,20 @@ int mkdir_safe_internal( return 0; } -int mkdir_errno_wrapper(const char *pathname, mode_t mode) { - return RET_NERRNO(mkdir(pathname, mode)); -} - int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode) { return RET_NERRNO(mkdirat(dirfd, pathname, mode)); } int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { - return mkdir_safe_internal(path, mode, uid, gid, flags, mkdir_errno_wrapper); + return mkdir_safe_internal(path, mode, uid, gid, flags, mkdirat_errno_wrapper); } -int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) { +int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdirat) { const char *p, *e = NULL; int r; assert(path); - assert(_mkdir != mkdir); + assert(_mkdirat != mkdirat); if (prefix) { p = path_startswith_full(path, prefix, /* accept_dot_dot= */ false); @@ -142,7 +138,7 @@ int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, ui s[n] = '\0'; if (!prefix || !path_startswith_full(prefix, path, /* accept_dot_dot= */ false)) { - r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdir); + r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdirat); if (r < 0 && r != -EEXIST) return r; } @@ -152,30 +148,30 @@ int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, ui } int mkdir_parents(const char *path, mode_t mode) { - return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_errno_wrapper); + return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_errno_wrapper); } int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { - return mkdir_parents_internal(prefix, path, mode, uid, gid, flags, mkdir_errno_wrapper); + return mkdir_parents_internal(prefix, path, mode, uid, gid, flags, mkdirat_errno_wrapper); } -int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) { +int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdirat) { int r; /* Like mkdir -p */ - assert(_mkdir != mkdir); + assert(_mkdirat != mkdirat); - r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdir); + r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdirat); if (r < 0) return r; if (!uid_is_valid(uid) && !gid_is_valid(gid) && flags == 0) { - r = _mkdir(path, mode); + r = _mkdirat(AT_FDCWD, path, mode); if (r < 0 && (r != -EEXIST || is_dir(path, true) <= 0)) return r; } else { - r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdir); + r = mkdir_safe_internal(path, mode, uid, gid, flags, _mkdirat); if (r < 0 && r != -EEXIST) return r; } @@ -184,11 +180,11 @@ int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t ui } int mkdir_p(const char *path, mode_t mode) { - return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_errno_wrapper); + return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_errno_wrapper); } int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { - return mkdir_p_internal(prefix, path, mode, uid, gid, flags, mkdir_errno_wrapper); + return mkdir_p_internal(prefix, path, mode, uid, gid, flags, mkdirat_errno_wrapper); } int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m) { diff --git a/src/basic/mkdir.h b/src/basic/mkdir.h index 3c53d22db9..837e493c6b 100644 --- a/src/basic/mkdir.h +++ b/src/basic/mkdir.h @@ -8,7 +8,6 @@ typedef enum MkdirFlags { MKDIR_WARN_MODE = 1 << 1, } MkdirFlags; -int mkdir_errno_wrapper(const char *pathname, mode_t mode); int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode); int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_parents(const char *path, mode_t mode); @@ -22,9 +21,9 @@ int mkdir_parents_label(const char *path, mode_t mod); int mkdir_p_label(const char *path, mode_t mode); /* internally used */ -typedef int (*mkdir_func_t)(const char *pathname, mode_t mode); -int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir); -int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir); -int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir); +typedef int (*mkdirat_func_t)(int dir_fd, const char *pathname, mode_t mode); +int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); +int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); +int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m); diff --git a/src/shared/mkdir-label.c b/src/shared/mkdir-label.c index 9e2f863535..3c332d1007 100644 --- a/src/shared/mkdir-label.c +++ b/src/shared/mkdir-label.c @@ -30,13 +30,13 @@ int mkdirat_label(int dirfd, const char *path, mode_t mode) { } int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags) { - return mkdir_safe_internal(path, mode, uid, gid, flags, mkdir_label); + return mkdir_safe_internal(path, mode, uid, gid, flags, mkdirat_label); } int mkdir_parents_label(const char *path, mode_t mode) { - return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_label); + return mkdir_parents_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_label); } int mkdir_p_label(const char *path, mode_t mode) { - return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdir_label); + return mkdir_p_internal(NULL, path, mode, UID_INVALID, UID_INVALID, 0, mkdirat_label); } -- cgit v1.2.1 From 35cd0ba516fb0e2ee5744b9185f7df903962c726 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Nov 2021 15:44:50 +0100 Subject: shared: clean up mkdir.h/label.h situation Previously the mkdir_label() family of calls was implemented in src/shared/mkdir-label.c but its functions partly declared ins src/shared/label.h and partly in src/basic/mkdir.h (!!). That's weird (and wrong). Let's clean this up, and add a proper mkdir-label.h matching the .c file. --- src/basic/mkdir.h | 11 +++-------- src/core/automount.c | 2 +- src/core/core-varlink.c | 2 +- src/core/dbus.c | 2 +- src/core/execute.c | 2 +- src/core/generator-setup.c | 2 +- src/core/main.c | 2 +- src/core/manager.c | 2 +- src/core/mount.c | 2 +- src/core/namespace.c | 2 +- src/core/path.c | 2 +- src/core/socket.c | 2 +- src/core/unit.c | 2 +- src/coredump/coredump.c | 2 +- src/debug-generator/debug-generator.c | 4 ++-- src/getty-generator/getty-generator.c | 4 ++-- src/hibernate-resume/hibernate-resume-generator.c | 4 ++-- src/import/import-fs.c | 2 +- src/import/import-raw.c | 2 +- src/import/import-tar.c | 2 +- src/import/importd.c | 2 +- src/import/pull-raw.c | 2 +- src/import/pull-tar.c | 2 +- src/locale/keymap-util.c | 2 +- src/login/logind-dbus.c | 2 +- src/login/logind-inhibit.c | 2 +- src/login/logind-seat.c | 2 +- src/login/logind-session.c | 2 +- src/login/logind-user.c | 2 +- src/login/logind.c | 1 + src/login/user-runtime-dir.c | 2 +- src/machine/machine.c | 2 +- src/machine/machined.c | 2 +- src/network/networkd.c | 2 +- src/nspawn/nspawn-mount.c | 2 +- src/rc-local-generator/rc-local-generator.c | 2 +- src/resolve/resolved.c | 2 +- src/shared/ask-password-api.c | 2 +- src/shared/copy.c | 1 + src/shared/dev-setup.c | 1 + src/shared/dissect-image.c | 2 +- src/shared/generator.c | 4 ++-- src/shared/hwdb-util.c | 2 +- src/shared/install.c | 4 ++-- src/shared/label.h | 6 ------ src/shared/meson.build | 1 + src/shared/mkdir-label.c | 9 +-------- src/shared/mkdir-label.h | 17 +++++++++++++++++ src/shared/mount-setup.c | 2 +- src/shared/mount-util.c | 2 +- src/shared/socket-label.c | 2 +- src/shared/switch-root.c | 2 +- src/systemctl/systemctl-edit.c | 2 +- src/test/test-udev.c | 2 +- src/timesync/timesyncd.c | 2 +- src/tmpfiles/tmpfiles.c | 2 +- src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +- src/udev/udev-node.c | 2 +- 58 files changed, 80 insertions(+), 77 deletions(-) create mode 100644 src/shared/mkdir-label.h diff --git a/src/basic/mkdir.h b/src/basic/mkdir.h index 837e493c6b..34a5227577 100644 --- a/src/basic/mkdir.h +++ b/src/basic/mkdir.h @@ -9,21 +9,16 @@ typedef enum MkdirFlags { } MkdirFlags; int mkdirat_errno_wrapper(int dirfd, const char *pathname, mode_t mode); + int mkdir_safe(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_parents(const char *path, mode_t mode); int mkdir_parents_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); int mkdir_p(const char *path, mode_t mode); int mkdir_p_safe(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); +int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m); -/* mandatory access control(MAC) versions */ -int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); -int mkdir_parents_label(const char *path, mode_t mod); -int mkdir_p_label(const char *path, mode_t mode); - -/* internally used */ +/* The following are used to implement the mkdir_xyz_label() calls, don't use otherwise. */ typedef int (*mkdirat_func_t)(int dir_fd, const char *pathname, mode_t mode); int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); int mkdir_parents_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdirat_func_t _mkdir); - -int mkdir_p_root(const char *root, const char *p, uid_t uid, gid_t gid, mode_t m); diff --git a/src/core/automount.c b/src/core/automount.c index 550a350a45..0bb58fdcd1 100644 --- a/src/core/automount.c +++ b/src/core/automount.c @@ -21,7 +21,7 @@ #include "format-util.h" #include "io-util.h" #include "label.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mount.h" #include "mountpoint-util.h" diff --git a/src/core/core-varlink.c b/src/core/core-varlink.c index ab0d455380..8c54cc0663 100644 --- a/src/core/core-varlink.c +++ b/src/core/core-varlink.c @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #include "core-varlink.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "strv.h" #include "user-util.h" #include "varlink.h" diff --git a/src/core/dbus.c b/src/core/dbus.c index f876433c00..2c5bda58f9 100644 --- a/src/core/dbus.c +++ b/src/core/dbus.c @@ -33,7 +33,7 @@ #include "fd-util.h" #include "fs-util.h" #include "log.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "process-util.h" #include "selinux-access.h" #include "serialize.h" diff --git a/src/core/execute.c b/src/core/execute.c index 6192a2d33e..ba66b9e6ec 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -71,7 +71,7 @@ #include "memory-util.h" #include "missing_fs.h" #include "missing_ioprio.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "namespace.h" diff --git a/src/core/generator-setup.c b/src/core/generator-setup.c index 9173951735..00d6ad61fa 100644 --- a/src/core/generator-setup.c +++ b/src/core/generator-setup.c @@ -4,7 +4,7 @@ #include "generator-setup.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "rm-rf.h" int lookup_paths_mkdir_generator(LookupPaths *p) { diff --git a/src/core/main.c b/src/core/main.c index 72dd199ddb..57aedb9b93 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -60,7 +60,7 @@ #include "manager.h" #include "manager-dump.h" #include "manager-serialize.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-setup.h" #include "os-util.h" #include "pager.h" diff --git a/src/core/manager.c b/src/core/manager.c index b21747daea..c94f032cc0 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -58,7 +58,7 @@ #include "manager-dump.h" #include "manager-serialize.h" #include "memory-util.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-lookup.h" #include "path-util.h" diff --git a/src/core/mount.c b/src/core/mount.c index 4f76b552c2..90b11347f7 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -17,7 +17,7 @@ #include "libmount-util.h" #include "log.h" #include "manager.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-setup.h" #include "mount.h" #include "mountpoint-util.h" diff --git a/src/core/namespace.c b/src/core/namespace.c index c01975b9de..a84060c682 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -21,7 +21,7 @@ #include "list.h" #include "loop-util.h" #include "loopback-setup.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "namespace-util.h" diff --git a/src/core/path.c b/src/core/path.c index cdab9dcf8c..999cecc96c 100644 --- a/src/core/path.c +++ b/src/core/path.c @@ -14,7 +14,7 @@ #include "glob-util.h" #include "inotify-util.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path.h" #include "path-util.h" #include "serialize.h" diff --git a/src/core/socket.c b/src/core/socket.c index f265aab594..e6d168188a 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -28,7 +28,7 @@ #include "ip-protocol-list.h" #include "label.h" #include "log.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "process-util.h" diff --git a/src/core/unit.c b/src/core/unit.c index 27d7503332..fa21b8acb2 100644 --- a/src/core/unit.c +++ b/src/core/unit.c @@ -37,7 +37,7 @@ #include "log.h" #include "macro.h" #include "missing_audit.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "process-util.h" #include "rm-rf.h" diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 62a622a6ca..27b8f7754b 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -37,7 +37,7 @@ #include "macro.h" #include "main-func.h" #include "memory-util.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "process-util.h" #include "signal-util.h" diff --git a/src/debug-generator/debug-generator.c b/src/debug-generator/debug-generator.c index a8f3422dd4..a724ae510d 100644 --- a/src/debug-generator/debug-generator.c +++ b/src/debug-generator/debug-generator.c @@ -5,7 +5,7 @@ #include "alloc-util.h" #include "dropin.h" #include "generator.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "proc-cmdline.h" @@ -138,7 +138,7 @@ static int generate_wants_symlinks(void) { if (!f) return log_oom(); - mkdir_parents_label(p, 0755); + (void) mkdir_parents_label(p, 0755); if (symlink(f, p) < 0) r = log_error_errno(errno, diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c index aa5a0a6ddb..b4d4952f99 100644 --- a/src/getty-generator/getty-generator.c +++ b/src/getty-generator/getty-generator.c @@ -10,7 +10,7 @@ #include "fileio.h" #include "generator.h" #include "log.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "process-util.h" #include "strv.h" @@ -31,7 +31,7 @@ static int add_symlink(const char *fservice, const char *tservice) { from = strjoina(SYSTEM_DATA_UNIT_DIR "/", fservice); to = strjoina(arg_dest, "/getty.target.wants/", tservice); - mkdir_parents_label(to, 0755); + (void) mkdir_parents_label(to, 0755); r = symlink(from, to); if (r < 0) { diff --git a/src/hibernate-resume/hibernate-resume-generator.c b/src/hibernate-resume/hibernate-resume-generator.c index 5e986db2b0..ee320909ee 100644 --- a/src/hibernate-resume/hibernate-resume-generator.c +++ b/src/hibernate-resume/hibernate-resume-generator.c @@ -10,7 +10,7 @@ #include "generator.h" #include "log.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "proc-cmdline.h" #include "special.h" #include "string-util.h" @@ -84,7 +84,7 @@ static int process_resume(void) { if (!lnk) return log_oom(); - mkdir_parents_label(lnk, 0755); + (void) mkdir_parents_label(lnk, 0755); if (symlink(SYSTEM_DATA_UNIT_DIR "/systemd-hibernate-resume@.service", lnk) < 0) return log_error_errno(errno, "Failed to create symlink %s: %m", lnk); diff --git a/src/import/import-fs.c b/src/import/import-fs.c index cacd48fe96..ff7f51a60a 100644 --- a/src/import/import-fs.c +++ b/src/import/import-fs.c @@ -14,7 +14,7 @@ #include "import-util.h" #include "install-file.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-argument.h" #include "ratelimit.h" #include "rm-rf.h" diff --git a/src/import/import-raw.c b/src/import/import-raw.c index 153b74d123..a0208e505c 100644 --- a/src/import/import-raw.c +++ b/src/import/import-raw.c @@ -18,7 +18,7 @@ #include "install-file.h" #include "io-util.h" #include "machine-pool.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "qcow2-util.h" #include "ratelimit.h" diff --git a/src/import/import-tar.c b/src/import/import-tar.c index 8cbdbaa35f..f31d3d75a1 100644 --- a/src/import/import-tar.c +++ b/src/import/import-tar.c @@ -18,7 +18,7 @@ #include "install-file.h" #include "io-util.h" #include "machine-pool.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "process-util.h" #include "qcow2-util.h" diff --git a/src/import/importd.c b/src/import/importd.c index 0400d41b14..66771f63e2 100644 --- a/src/import/importd.c +++ b/src/import/importd.c @@ -19,7 +19,7 @@ #include "machine-pool.h" #include "main-func.h" #include "missing_capability.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "percent-util.h" diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c index 6a0c2c8b17..0623afcc84 100644 --- a/src/import/pull-raw.c +++ b/src/import/pull-raw.c @@ -17,7 +17,7 @@ #include "import-util.h" #include "install-file.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "pull-common.h" #include "pull-job.h" diff --git a/src/import/pull-tar.c b/src/import/pull-tar.c index 9608129e5e..fd866fc514 100644 --- a/src/import/pull-tar.c +++ b/src/import/pull-tar.c @@ -16,7 +16,7 @@ #include "import-util.h" #include "install-file.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "process-util.h" #include "pull-common.h" diff --git a/src/locale/keymap-util.c b/src/locale/keymap-util.c index 1bd8f5c0ae..10d2ed7aec 100644 --- a/src/locale/keymap-util.c +++ b/src/locale/keymap-util.c @@ -18,7 +18,7 @@ #include "keymap-util.h" #include "locale-util.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "nulstr-util.h" #include "process-util.h" #include "string-util.h" diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index 6e9dde1c15..331dcd2a05 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -36,7 +36,7 @@ #include "logind-user-dbus.h" #include "logind.h" #include "missing_capability.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "process-util.h" diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c index 1de71c2481..dbb58e4ac3 100644 --- a/src/login/logind-inhibit.c +++ b/src/login/logind-inhibit.c @@ -17,7 +17,7 @@ #include "io-util.h" #include "logind-dbus.h" #include "logind-inhibit.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "string-table.h" diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c index 2d54681745..58912b85b3 100644 --- a/src/login/logind-seat.c +++ b/src/login/logind-seat.c @@ -16,7 +16,7 @@ #include "logind-seat-dbus.h" #include "logind-seat.h" #include "logind-session-dbus.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "stdio-util.h" diff --git a/src/login/logind-session.c b/src/login/logind-session.c index d6d67af05a..ab98a5055d 100644 --- a/src/login/logind-session.c +++ b/src/login/logind-session.c @@ -26,7 +26,7 @@ #include "logind-session-dbus.h" #include "logind-session.h" #include "logind-user-dbus.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "process-util.h" diff --git a/src/login/logind-user.c b/src/login/logind-user.c index 5266f55775..6d250be321 100644 --- a/src/login/logind-user.c +++ b/src/login/logind-user.c @@ -21,7 +21,7 @@ #include "logind-dbus.h" #include "logind-user-dbus.h" #include "logind-user.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "percent-util.h" diff --git a/src/login/logind.c b/src/login/logind.c index 6e1ebbf9c5..57a8604b7f 100644 --- a/src/login/logind.c +++ b/src/login/logind.c @@ -27,6 +27,7 @@ #include "logind-user-dbus.h" #include "logind.h" #include "main-func.h" +#include "mkdir-label.h" #include "parse-util.h" #include "process-util.h" #include "selinux-util.h" diff --git a/src/login/user-runtime-dir.c b/src/login/user-runtime-dir.c index a1087ed31c..5ce5b35e17 100644 --- a/src/login/user-runtime-dir.c +++ b/src/login/user-runtime-dir.c @@ -12,7 +12,7 @@ #include "label.h" #include "limits-util.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "path-util.h" diff --git a/src/machine/machine.c b/src/machine/machine.c index a42478e874..80f73da94a 100644 --- a/src/machine/machine.c +++ b/src/machine/machine.c @@ -19,7 +19,7 @@ #include "hashmap.h" #include "machine-dbus.h" #include "machine.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "process-util.h" diff --git a/src/machine/machined.c b/src/machine/machined.c index 4ab459d3ca..6ffa4191ec 100644 --- a/src/machine/machined.c +++ b/src/machine/machined.c @@ -18,10 +18,10 @@ #include "fd-util.h" #include "format-util.h" #include "hostname-util.h" -#include "label.h" #include "machined-varlink.h" #include "machined.h" #include "main-func.h" +#include "mkdir-label.h" #include "process-util.h" #include "service-util.h" #include "signal-util.h" diff --git a/src/network/networkd.c b/src/network/networkd.c index d274885264..7d63786f48 100644 --- a/src/network/networkd.c +++ b/src/network/networkd.c @@ -11,7 +11,7 @@ #include "daemon-util.h" #include "firewall-util.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "networkd-conf.h" #include "networkd-manager.h" #include "signal-util.h" diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c index 2bfff79cde..40773d90c1 100644 --- a/src/nspawn/nspawn-mount.c +++ b/src/nspawn/nspawn-mount.c @@ -10,7 +10,7 @@ #include "format-util.h" #include "fs-util.h" #include "label.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "nspawn-mount.h" diff --git a/src/rc-local-generator/rc-local-generator.c b/src/rc-local-generator/rc-local-generator.c index 99cffee3ec..c2b9e64217 100644 --- a/src/rc-local-generator/rc-local-generator.c +++ b/src/rc-local-generator/rc-local-generator.c @@ -6,7 +6,7 @@ #include "generator.h" #include "log.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "string-util.h" #include "util.h" diff --git a/src/resolve/resolved.c b/src/resolve/resolved.c index 85ab917c4f..d3bc902752 100644 --- a/src/resolve/resolved.c +++ b/src/resolve/resolved.c @@ -11,7 +11,7 @@ #include "capability-util.h" #include "daemon-util.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "resolved-bus.h" #include "resolved-conf.h" #include "resolved-manager.h" diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 367c1df240..07e301276f 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -33,7 +33,7 @@ #include "macro.h" #include "memory-util.h" #include "missing_syscall.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "process-util.h" #include "random-util.h" #include "signal-util.h" diff --git a/src/shared/copy.c b/src/shared/copy.c index 51dd08eccd..fd83d74265 100644 --- a/src/shared/copy.c +++ b/src/shared/copy.c @@ -20,6 +20,7 @@ #include "io-util.h" #include "macro.h" #include "missing_syscall.h" +#include "mkdir-label.h" #include "mountpoint-util.h" #include "nulstr-util.h" #include "rm-rf.h" diff --git a/src/shared/dev-setup.c b/src/shared/dev-setup.c index 0390abbfdc..a340524510 100644 --- a/src/shared/dev-setup.c +++ b/src/shared/dev-setup.c @@ -8,6 +8,7 @@ #include "dev-setup.h" #include "label.h" #include "log.h" +#include "mkdir-label.h" #include "nulstr-util.h" #include "path-util.h" #include "umask-util.h" diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 6b2289defa..18c7991570 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -46,7 +46,7 @@ #include "hostname-setup.h" #include "id128-util.h" #include "import-util.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "namespace-util.h" diff --git a/src/shared/generator.c b/src/shared/generator.c index 3967edfa06..014b34747d 100644 --- a/src/shared/generator.c +++ b/src/shared/generator.c @@ -13,7 +13,7 @@ #include "generator.h" #include "log.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "special.h" #include "specifier.h" @@ -63,7 +63,7 @@ int generator_add_symlink(const char *dir, const char *dst, const char *dep_type from = path_is_absolute(src) ? src : strjoina("../", src); to = strjoina(dir, "/", dst, ".", dep_type, "/", basename(src)); - mkdir_parents_label(to, 0755); + (void) mkdir_parents_label(to, 0755); if (symlink(from, to) < 0) if (errno != EEXIST) return log_error_errno(errno, "Failed to create symlink \"%s\": %m", to); diff --git a/src/shared/hwdb-util.c b/src/shared/hwdb-util.c index d7626aed95..a7929bccb0 100644 --- a/src/shared/hwdb-util.c +++ b/src/shared/hwdb-util.c @@ -12,7 +12,7 @@ #include "hwdb-internal.h" #include "hwdb-util.h" #include "label.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "nulstr-util.h" #include "path-util.h" #include "sort-util.h" diff --git a/src/shared/install.c b/src/shared/install.c index 268cbd9602..6e77a72bde 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -26,7 +26,7 @@ #include "locale-util.h" #include "log.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-lookup.h" #include "path-util.h" #include "rm-rf.h" @@ -461,7 +461,7 @@ static int create_symlink( * the right place, or negative on error. */ - mkdir_parents_label(new_path, 0755); + (void) mkdir_parents_label(new_path, 0755); if (symlink(old_path, new_path) >= 0) { unit_file_changes_add(changes, n_changes, UNIT_FILE_SYMLINK, new_path, old_path); diff --git a/src/shared/label.h b/src/shared/label.h index b198e140d0..ec5160284d 100644 --- a/src/shared/label.h +++ b/src/shared/label.h @@ -15,12 +15,6 @@ static inline int label_fix(const char *path, LabelFixFlags flags) { return label_fix_container(path, path, flags); } -int mkdirat_label(int dirfd, const char *path, mode_t mode); - -static inline int mkdir_label(const char *path, mode_t mode) { - return mkdirat_label(AT_FDCWD, path, mode); -} - int symlink_label(const char *old_path, const char *new_path); int symlink_atomic_label(const char *from, const char *to); int mknod_label(const char *pathname, mode_t mode, dev_t dev); diff --git a/src/shared/meson.build b/src/shared/meson.build index 1fd1d711b0..00485e6543 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -209,6 +209,7 @@ shared_sources = files(''' macvlan-util.h main-func.h mkdir-label.c + mkdir-label.h mkfs-util.c mkfs-util.h module-util.h diff --git a/src/shared/mkdir-label.c b/src/shared/mkdir-label.c index 3c332d1007..d36a6466d7 100644 --- a/src/shared/mkdir-label.c +++ b/src/shared/mkdir-label.c @@ -1,13 +1,6 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ -#include -#include -#include -#include - -#include "label.h" -#include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "selinux-util.h" #include "smack-util.h" #include "user-util.h" diff --git a/src/shared/mkdir-label.h b/src/shared/mkdir-label.h new file mode 100644 index 0000000000..0b1a3894bd --- /dev/null +++ b/src/shared/mkdir-label.h @@ -0,0 +1,17 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include +#include + +#include "mkdir.h" + +int mkdirat_label(int dirfd, const char *path, mode_t mode); + +static inline int mkdir_label(const char *path, mode_t mode) { + return mkdirat_label(AT_FDCWD, path, mode); +} + +int mkdir_safe_label(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags); +int mkdir_parents_label(const char *path, mode_t mod); +int mkdir_p_label(const char *path, mode_t mode); diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c index da6bf27426..7917968497 100644 --- a/src/shared/mount-setup.c +++ b/src/shared/mount-setup.c @@ -20,7 +20,7 @@ #include "label.h" #include "log.h" #include "macro.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-setup.h" #include "mount-util.h" #include "mountpoint-util.h" diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c index fcc900bdce..8d4a6cd25a 100644 --- a/src/shared/mount-util.c +++ b/src/shared/mount-util.c @@ -22,7 +22,7 @@ #include "libmount-util.h" #include "missing_mount.h" #include "missing_syscall.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "namespace-util.h" diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c index 1669dec50e..8094ad7643 100644 --- a/src/shared/socket-label.c +++ b/src/shared/socket-label.c @@ -14,7 +14,7 @@ #include "log.h" #include "macro.h" #include "missing_socket.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "selinux-util.h" #include "socket-util.h" #include "umask-util.h" diff --git a/src/shared/switch-root.c b/src/shared/switch-root.c index 7edb9d7ff2..99cd574197 100644 --- a/src/shared/switch-root.c +++ b/src/shared/switch-root.c @@ -13,7 +13,7 @@ #include "fd-util.h" #include "log.h" #include "missing_syscall.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "path-util.h" diff --git a/src/systemctl/systemctl-edit.c b/src/systemctl/systemctl-edit.c index 2503bddb96..b59a67ac22 100644 --- a/src/systemctl/systemctl-edit.c +++ b/src/systemctl/systemctl-edit.c @@ -5,7 +5,7 @@ #include "fd-util.h" #include "fileio.h" #include "fs-util.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "pager.h" #include "path-util.h" #include "pretty-print.h" diff --git a/src/test/test-udev.c b/src/test/test-udev.c index 1a113a94c3..c0e779a813 100644 --- a/src/test/test-udev.c +++ b/src/test/test-udev.c @@ -15,7 +15,7 @@ #include "fs-util.h" #include "log.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "namespace-util.h" #include "selinux-util.h" diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c index 94e99b42de..6f316746f5 100644 --- a/src/timesync/timesyncd.c +++ b/src/timesync/timesyncd.c @@ -12,7 +12,7 @@ #include "fd-util.h" #include "fs-util.h" #include "main-func.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "network-util.h" #include "process-util.h" #include "signal-util.h" diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index d6206ffd6a..4f1ce1f73f 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -42,7 +42,7 @@ #include "main-func.h" #include "missing_stat.h" #include "missing_syscall.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "mount-util.h" #include "mountpoint-util.h" #include "offline-passwd.h" diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index 37cfd8bb72..56110ba375 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -30,7 +30,7 @@ #include "macro.h" #include "main-func.h" #include "memory-util.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "path-util.h" #include "pretty-print.h" #include "process-util.h" diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c index 809db14e60..760c3a4448 100644 --- a/src/udev/udev-node.c +++ b/src/udev/udev-node.c @@ -17,7 +17,7 @@ #include "format-util.h" #include "fs-util.h" #include "hexdecoct.h" -#include "mkdir.h" +#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "random-util.h" -- cgit v1.2.1