From 7e8fe8e29f31e2c35d16ab10b8d7a5d582b38b8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 18 Nov 2025 11:19:41 +0100 Subject: [PATCH 1/3] ssh-generator: split out common helper function --- src/ssh-generator/meson.build | 17 ++++++++++++++--- src/ssh-generator/ssh-generator.c | 15 ++++----------- src/ssh-generator/ssh-issue.c | 16 ++++------------ src/ssh-generator/ssh-util.c | 23 +++++++++++++++++++++++ src/ssh-generator/ssh-util.h | 3 +++ 5 files changed, 48 insertions(+), 26 deletions(-) create mode 100644 src/ssh-generator/ssh-util.c create mode 100644 src/ssh-generator/ssh-util.h diff --git a/src/ssh-generator/meson.build b/src/ssh-generator/meson.build index f281a25184..a7162e9b86 100644 --- a/src/ssh-generator/meson.build +++ b/src/ssh-generator/meson.build @@ -3,15 +3,26 @@ executables += [ generator_template + { 'name' : 'systemd-ssh-generator', - 'sources' : files('ssh-generator.c'), + 'sources' : files( + 'ssh-generator.c', + 'ssh-util.c', + ), + 'extract' : files( + 'ssh-util.c', + ), }, libexec_template + { 'name' : 'systemd-ssh-proxy', - 'sources' : files('ssh-proxy.c'), + 'sources' : files( + 'ssh-proxy.c', + ), }, libexec_template + { 'name' : 'systemd-ssh-issue', - 'sources' : files('ssh-issue.c'), + 'sources' : files( + 'ssh-issue.c', + ), + 'objects' : ['systemd-ssh-generator'], }, ] diff --git a/src/ssh-generator/ssh-generator.c b/src/ssh-generator/ssh-generator.c index 8124999585..8454d31141 100644 --- a/src/ssh-generator/ssh-generator.c +++ b/src/ssh-generator/ssh-generator.c @@ -17,6 +17,7 @@ #include "socket-netlink.h" #include "socket-util.h" #include "special.h" +#include "ssh-util.h" #include "string-util.h" #include "strv.h" #include "virt.h" @@ -212,17 +213,9 @@ static int add_vsock_socket( return 0; } - _cleanup_close_ int vsock_fd = socket(AF_VSOCK, SOCK_STREAM|SOCK_CLOEXEC, 0); - if (vsock_fd < 0) { - if (ERRNO_IS_NOT_SUPPORTED(errno)) { - log_debug("Not creating AF_VSOCK ssh listener, since AF_VSOCK is not available."); - return 0; - } - - return log_error_errno(errno, "Unable to test if AF_VSOCK is available: %m"); - } - - vsock_fd = safe_close(vsock_fd); + r = vsock_open_or_warn(/* ret= */ NULL); + if (r <= 0) + return r; /* Determine the local CID so that we can log it to help users to connect to this VM */ unsigned local_cid; diff --git a/src/ssh-generator/ssh-issue.c b/src/ssh-generator/ssh-issue.c index 80c1679c47..71cd596cf8 100644 --- a/src/ssh-generator/ssh-issue.c +++ b/src/ssh-generator/ssh-issue.c @@ -16,6 +16,7 @@ #include "parse-argument.h" #include "pretty-print.h" #include "socket-util.h" +#include "ssh-util.h" #include "string-util.h" #include "tmpfile-util.h" #include "virt.h" @@ -135,18 +136,9 @@ static int acquire_cid(unsigned *ret_cid) { return 0; } - _cleanup_close_ int vsock_fd = socket(AF_VSOCK, SOCK_STREAM|SOCK_CLOEXEC, 0); - if (vsock_fd < 0) { - if (ERRNO_IS_NOT_SUPPORTED(errno)) { - log_debug("Not creating issue file, since AF_VSOCK is not available."); - *ret_cid = 0; - return 0; - } - - return log_error_errno(errno, "Unable to test if AF_VSOCK is available: %m"); - } - - vsock_fd = safe_close(vsock_fd); + r = vsock_open_or_warn(/* ret= */ NULL); + if (r <= 0) + return r; unsigned local_cid; r = vsock_get_local_cid(&local_cid); diff --git a/src/ssh-generator/ssh-util.c b/src/ssh-generator/ssh-util.c new file mode 100644 index 0000000000..5723a2bf2a --- /dev/null +++ b/src/ssh-generator/ssh-util.c @@ -0,0 +1,23 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include +#include + +#include "errno-util.h" +#include "log.h" +#include "ssh-util.h" + +int vsock_open_or_warn(int *ret) { + int fd = RET_NERRNO(socket(AF_VSOCK, SOCK_STREAM|SOCK_CLOEXEC, 0)); + if (ERRNO_IS_NEG_NOT_SUPPORTED(fd)) + log_debug_errno(fd, "AF_VSOCK is not available, ignoring: %m"); + else if (fd < 0) + return log_error_errno(fd, "Unable to test if AF_VSOCK is available: %m"); + + if (ret) + *ret = fd; + else + close(fd); + + return fd >= 0; +} diff --git a/src/ssh-generator/ssh-util.h b/src/ssh-generator/ssh-util.h new file mode 100644 index 0000000000..60984a5401 --- /dev/null +++ b/src/ssh-generator/ssh-util.h @@ -0,0 +1,3 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +int vsock_open_or_warn(int *ret); From 8c019224a1ad7dd325da9fd2a4b9ab519534f659 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 18 Nov 2025 11:34:37 +0100 Subject: [PATCH 2/3] ssh-generator: split out one more helper function --- src/ssh-generator/ssh-generator.c | 12 +++--------- src/ssh-generator/ssh-issue.c | 16 +--------------- src/ssh-generator/ssh-util.c | 16 ++++++++++++++++ src/ssh-generator/ssh-util.h | 1 + 4 files changed, 21 insertions(+), 24 deletions(-) diff --git a/src/ssh-generator/ssh-generator.c b/src/ssh-generator/ssh-generator.c index 8454d31141..2364f86e25 100644 --- a/src/ssh-generator/ssh-generator.c +++ b/src/ssh-generator/ssh-generator.c @@ -219,15 +219,9 @@ static int add_vsock_socket( /* Determine the local CID so that we can log it to help users to connect to this VM */ unsigned local_cid; - r = vsock_get_local_cid(&local_cid); - if (r < 0) { - if (ERRNO_IS_DEVICE_ABSENT(r)) { - log_debug("Not creating AF_VSOCK ssh listener, since /dev/vsock is not available (even though AF_VSOCK is)."); - return 0; - } - - return log_error_errno(r, "Failed to query local AF_VSOCK CID: %m"); - } + r = vsock_get_local_cid_or_warn(&local_cid); + if (r <= 0) + return r; r = make_sshd_template_unit( dest, diff --git a/src/ssh-generator/ssh-issue.c b/src/ssh-generator/ssh-issue.c index 71cd596cf8..61ac5c0240 100644 --- a/src/ssh-generator/ssh-issue.c +++ b/src/ssh-generator/ssh-issue.c @@ -15,7 +15,6 @@ #include "mkdir.h" #include "parse-argument.h" #include "pretty-print.h" -#include "socket-util.h" #include "ssh-util.h" #include "string-util.h" #include "tmpfile-util.h" @@ -140,20 +139,7 @@ static int acquire_cid(unsigned *ret_cid) { if (r <= 0) return r; - unsigned local_cid; - r = vsock_get_local_cid(&local_cid); - if (r < 0) { - if (ERRNO_IS_DEVICE_ABSENT(r)) { - log_debug("Not creating issue file, since /dev/vsock is not available (even though AF_VSOCK is)."); - *ret_cid = 0; - return 0; - } - - return log_error_errno(r, "Failed to query local AF_VSOCK CID: %m"); - } - - *ret_cid = local_cid; - return 1; + return vsock_get_local_cid_or_warn(ret_cid); } static int run(int argc, char* argv[]) { diff --git a/src/ssh-generator/ssh-util.c b/src/ssh-generator/ssh-util.c index 5723a2bf2a..d414713486 100644 --- a/src/ssh-generator/ssh-util.c +++ b/src/ssh-generator/ssh-util.c @@ -5,6 +5,7 @@ #include "errno-util.h" #include "log.h" +#include "socket-util.h" #include "ssh-util.h" int vsock_open_or_warn(int *ret) { @@ -21,3 +22,18 @@ int vsock_open_or_warn(int *ret) { return fd >= 0; } + +int vsock_get_local_cid_or_warn(unsigned *ret) { + int r; + + r = vsock_get_local_cid(ret); + if (ERRNO_IS_NEG_DEVICE_ABSENT(r)) { + log_debug_errno(r, "/dev/vsock is not available (even though AF_VSOCK is), ignoring: %m"); + if (ret) + *ret = 0; /* bogus value */ + return 0; + } + if (r < 0) + return log_error_errno(r, "Failed to query local AF_VSOCK CID: %m"); + return 1; +} diff --git a/src/ssh-generator/ssh-util.h b/src/ssh-generator/ssh-util.h index 60984a5401..2a38e1955e 100644 --- a/src/ssh-generator/ssh-util.h +++ b/src/ssh-generator/ssh-util.h @@ -1,3 +1,4 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ int vsock_open_or_warn(int *ret); +int vsock_get_local_cid_or_warn(unsigned *ret); From 8c3acba63b40cd0ebcb9863804e598744eda0b80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 18 Nov 2025 11:37:59 +0100 Subject: [PATCH 3/3] ssh-generator: suppress error message for vsock EADDRNOTAVAIL In logs in the Fedora OpenQA CI: Nov 17 22:20:06 fedora systemd-ssh-generator[4117]: Failed to query local AF_VSOCK CID: Cannot assign requested address Nov 17 22:20:06 fedora (generato[4088]: /usr/lib/systemd/system-generators/systemd-ssh-generator failed with exit status 1. Nov 17 22:20:06 fedora systemd[1]: sshd-vsock.socket: Unit configuration changed while unit was running, and no socket file descriptors are open. Unit not functional until restarted. AF_VSOCK is not configured there and systemd-ssh-generator should just exit quietly. vsock_get_local_cid() already does some logging at debug level, so we don't need to. There is also a second bug, we report modifications to the unit have just created. I think we have an issue open for this somewhere, but cannot find it. --- src/ssh-generator/ssh-util.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/ssh-generator/ssh-util.c b/src/ssh-generator/ssh-util.c index d414713486..48cb662b71 100644 --- a/src/ssh-generator/ssh-util.c +++ b/src/ssh-generator/ssh-util.c @@ -27,8 +27,9 @@ int vsock_get_local_cid_or_warn(unsigned *ret) { int r; r = vsock_get_local_cid(ret); - if (ERRNO_IS_NEG_DEVICE_ABSENT(r)) { - log_debug_errno(r, "/dev/vsock is not available (even though AF_VSOCK is), ignoring: %m"); + if (ERRNO_IS_NEG_DEVICE_ABSENT(r) || r == -EADDRNOTAVAIL) { + if (ERRNO_IS_NEG_DEVICE_ABSENT(r)) + log_debug_errno(r, "/dev/vsock is not available (even though AF_VSOCK is), ignoring: %m"); if (ret) *ret = 0; /* bogus value */ return 0;