morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 16:37:19 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ce2c1bb5fc07497dfd91feb2bb89554aab166c9
systemd/src/dissect/dissect.c
Mike Yuan 7ce2c1bb5f mountpoint-util: rename fd_is_mount_point() to is_mount_point_at() 
fd_* functions in our codebase usually mean fd-specific operations,
while this one actually takes openat()-style params. Rename it
accordingly hence.
2025-01-22 01:37:31 +01:00

2266 lines
94 KiB
C
Raw Blame History

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <fcntl.h>
#include <getopt.h>
#include <linux/loop.h>
#include <stdio.h>
#include <sys/file.h>
#include <sys/ioctl.h>
#include <sys/mount.h>
#include "sd-device.h"
#include "architecture.h"
#include "blockdev-util.h"
#include "build.h"
#include "chase.h"
#include "copy.h"
#include "device-util.h"
#include "devnum-util.h"
#include "discover-image.h"
#include "dissect-image.h"
#include "env-util.h"
#include "escape.h"
#include "fd-util.h"
#include "fileio.h"
#include "format-table.h"
#include "format-util.h"
#include "fs-util.h"
#include "hexdecoct.h"
#include "json-util.h"
#include "libarchive-util.h"
#include "log.h"
#include "loop-util.h"
#include "main-func.h"
#include "missing_syscall.h"
#include "mkdir.h"
#include "mount-util.h"
#include "mountpoint-util.h"
#include "namespace-util.h"
#include "nsresource.h"
#include "parse-argument.h"
#include "parse-util.h"
#include "path-util.h"
#include "pretty-print.h"
#include "process-util.h"
#include "recurse-dir.h"
#include "sha256.h"
#include "shift-uid.h"
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
#include "tmpfile-util.h"
#include "uid-classification.h"
#include "user-util.h"
#include "vpick.h"
static enum {
ACTION_DISSECT,
ACTION_MOUNT,
ACTION_UMOUNT,
ACTION_ATTACH,
ACTION_DETACH,
ACTION_LIST,
ACTION_MTREE,
ACTION_WITH,
ACTION_COPY_FROM,
ACTION_COPY_TO,
ACTION_DISCOVER,
ACTION_VALIDATE,
ACTION_MAKE_ARCHIVE,
ACTION_SHIFT,
} arg_action = ACTION_DISSECT;
static char *arg_image = NULL;
static char *arg_root = NULL;
static char *arg_path = NULL;
static const char *arg_source = NULL;
static const char *arg_target = NULL;
static DissectImageFlags arg_flags =
DISSECT_IMAGE_GENERIC_ROOT |
DISSECT_IMAGE_DISCARD_ON_LOOP |
DISSECT_IMAGE_RELAX_VAR_CHECK |
DISSECT_IMAGE_FSCK |
DISSECT_IMAGE_USR_NO_ROOT |
DISSECT_IMAGE_GROWFS |
DISSECT_IMAGE_PIN_PARTITION_DEVICES |
DISSECT_IMAGE_ADD_PARTITION_DEVICES |
DISSECT_IMAGE_ALLOW_USERSPACE_VERITY;
static VeritySettings arg_verity_settings = VERITY_SETTINGS_DEFAULT;
static sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
static PagerFlags arg_pager_flags = 0;
static bool arg_legend = true;
static bool arg_rmdir = false;
static bool arg_in_memory = false;
static char **arg_argv = NULL;
static char *arg_loop_ref = NULL;
static ImagePolicy *arg_image_policy = NULL;
static bool arg_mtree_hash = true;
static bool arg_via_service = false;
static RuntimeScope arg_runtime_scope = _RUNTIME_SCOPE_INVALID;
static bool arg_all = false;
static uid_t arg_uid_base = UID_INVALID;
STATIC_DESTRUCTOR_REGISTER(arg_image, freep);
STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
STATIC_DESTRUCTOR_REGISTER(arg_path, freep);
STATIC_DESTRUCTOR_REGISTER(arg_verity_settings, verity_settings_done);
STATIC_DESTRUCTOR_REGISTER(arg_argv, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_loop_ref, freep);
STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
static int help(void) {
_cleanup_free_ char *link = NULL;
int r;
pager_open(arg_pager_flags);
r = terminal_urlify_man("systemd-dissect", "1", &link);
if (r < 0)
return log_oom();
printf("%1$s [OPTIONS...] IMAGE\n"
"%1$s [OPTIONS...] --mount IMAGE PATH\n"
"%1$s [OPTIONS...] --umount PATH\n"
"%1$s [OPTIONS...] --attach IMAGE\n"
"%1$s [OPTIONS...] --detach PATH\n"
"%1$s [OPTIONS...] --list IMAGE\n"
"%1$s [OPTIONS...] --mtree IMAGE\n"
"%1$s [OPTIONS...] --with IMAGE [COMMAND…]\n"
"%1$s [OPTIONS...] --copy-from IMAGE PATH [TARGET]\n"
"%1$s [OPTIONS...] --copy-to IMAGE [SOURCE] PATH\n"
"%1$s [OPTIONS...] --make-archive IMAGE [TARGET]\n"
"%1$s [OPTIONS...] --discover\n"
"%1$s [OPTIONS...] --validate IMAGE\n"
"%1$s [OPTIONS...] --shift IMAGE UIDBASE\n"
"\n%5$sDissect a Discoverable Disk Image (DDI).%6$s\n\n"
"%3$sOptions:%4$s\n"
" --no-pager Do not pipe output into a pager\n"
" --no-legend Do not show the headers and footers\n"
" -r --read-only Mount read-only\n"
" --fsck=BOOL Run fsck before mounting\n"
" --growfs=BOOL Grow file system to partition size, if marked\n"
" --mkdir Make mount directory before mounting, if missing\n"
" --rmdir Remove mount directory after unmounting\n"
" --discard=MODE Choose 'discard' mode (disabled, loop, all, crypto)\n"
" --in-memory Copy image into memory\n"
" --root-hash=HASH Specify root hash for verity\n"
" --root-hash-sig=SIG Specify pkcs7 signature of root hash for verity\n"
" as a DER encoded PKCS7, either as a path to a file\n"
" or as an ASCII base64 encoded string prefixed by\n"
" 'base64:'\n"
" --verity-data=PATH Specify data file with hash tree for verity if it is\n"
" not embedded in IMAGE\n"
" --image-policy=POLICY\n"
" Specify image dissection policy\n"
" --json=pretty|short|off\n"
" Generate JSON output\n"
" --loop-ref=NAME Set reference string for loopback device\n"
" --mtree-hash=BOOL Whether to include SHA256 hash in the mtree output\n"
" --user Discover user images\n"
" --system Discover system images\n"
" --all Show hidden images too\n"
"\n%3$sCommands:%4$s\n"
" -h --help Show this help\n"
" --version Show package version\n"
" -m --mount Mount the image to the specified directory\n"
" -M Shortcut for --mount --mkdir\n"
" -u --umount Unmount the image from the specified directory\n"
" -U Shortcut for --umount --rmdir\n"
" --attach Attach the disk image to a loopback block device\n"
" --detach Detach a loopback block device again\n"
" -l --list List all the files and directories of the specified\n"
" OS image\n"
" --mtree Show BSD mtree manifest of OS image\n"
" --with Mount, run command, unmount\n"
" -x --copy-from Copy files from image to host\n"
" -a --copy-to Copy files from host to image\n"
" --make-archive Convert the DDI to an archive file\n"
" --discover Discover DDIs in well known directories\n"
" --validate Validate image and image policy\n"
" --shift Shift UID range to selected base\n"
"\nSee the %2$s for details.\n",
program_invocation_short_name,
link,
ansi_underline(),
ansi_normal(),
ansi_highlight(),
ansi_normal());
return 0;
}
static int patch_argv(int *argc, char ***argv, char ***buf) {
_cleanup_free_ char **l = NULL;
char **e;
assert(argc);
assert(*argc >= 0);
assert(argv);
assert(*argv);
assert(buf);
/* Ugly hack: if --with is included in command line, also insert "--" immediately after it, to make
* getopt_long() stop processing switches */
for (e = *argv + 1; e < *argv + *argc; e++) {
assert(*e);
if (streq(*e, "--with"))
break;
}
if (e >= *argv + *argc || streq_ptr(e[1], "--")) {
/* No --with used? Or already followed by "--"? Then don't do anything */
*buf = NULL;
return 0;
}
/* Insert the extra "--" right after the --with */
l = new(char*, *argc + 2);
if (!l)
return log_oom();
size_t idx = e - *argv + 1;
memcpy(l, *argv, sizeof(char*) * idx); /* copy everything up to and including the --with */
l[idx] = (char*) "--"; /* insert "--" */
memcpy(l + idx + 1, e + 1, sizeof(char*) * (*argc - idx + 1)); /* copy the rest, including trailing NULL entry */
(*argc)++;
(*argv) = l;
*buf = TAKE_PTR(l);
return 1;
}
static int parse_image_path_argument(const char *path, char **ret_root, char **ret_image) {
_cleanup_free_ char *p = NULL;
struct stat st;
int r;
assert(ret_image);
r = parse_path_argument(path, /* suppress_root= */ false, &p);
if (r < 0)
return r;
if (stat(p, &st) < 0)
return log_error_errno(errno, "Failed to stat %s: %m", p);
if (S_ISDIR(st.st_mode)) {
if (!ret_root)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "%s is not an image file.", p);
*ret_root = TAKE_PTR(p);
} else
*ret_image = TAKE_PTR(p);
return 0;
}
static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_NO_PAGER,
ARG_NO_LEGEND,
ARG_WITH,
ARG_DISCARD,
ARG_FSCK,
ARG_GROWFS,
ARG_ROOT_HASH,
ARG_ROOT_HASH_SIG,
ARG_VERITY_DATA,
ARG_MKDIR,
ARG_RMDIR,
ARG_IN_MEMORY,
ARG_JSON,
ARG_MTREE,
ARG_DISCOVER,
ARG_ATTACH,
ARG_DETACH,
ARG_LOOP_REF,
ARG_IMAGE_POLICY,
ARG_VALIDATE,
ARG_MTREE_HASH,
ARG_MAKE_ARCHIVE,
ARG_SHIFT,
ARG_SYSTEM,
ARG_USER,
ARG_ALL,
};
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "no-pager", no_argument, NULL, ARG_NO_PAGER },
{ "no-legend", no_argument, NULL, ARG_NO_LEGEND },
{ "mount", no_argument, NULL, 'm' },
{ "umount", no_argument, NULL, 'u' },
{ "attach", no_argument, NULL, ARG_ATTACH },
{ "detach", no_argument, NULL, ARG_DETACH },
{ "with", no_argument, NULL, ARG_WITH },
{ "read-only", no_argument, NULL, 'r' },
{ "discard", required_argument, NULL, ARG_DISCARD },
{ "fsck", required_argument, NULL, ARG_FSCK },
{ "growfs", required_argument, NULL, ARG_GROWFS },
{ "root-hash", required_argument, NULL, ARG_ROOT_HASH },
{ "root-hash-sig", required_argument, NULL, ARG_ROOT_HASH_SIG },
{ "verity-data", required_argument, NULL, ARG_VERITY_DATA },
{ "mkdir", no_argument, NULL, ARG_MKDIR },
{ "rmdir", no_argument, NULL, ARG_RMDIR },
{ "in-memory", no_argument, NULL, ARG_IN_MEMORY },
{ "list", no_argument, NULL, 'l' },
{ "mtree", no_argument, NULL, ARG_MTREE },
{ "copy-from", no_argument, NULL, 'x' },
{ "copy-to", no_argument, NULL, 'a' },
{ "json", required_argument, NULL, ARG_JSON },
{ "discover", no_argument, NULL, ARG_DISCOVER },
{ "loop-ref", required_argument, NULL, ARG_LOOP_REF },
{ "image-policy", required_argument, NULL, ARG_IMAGE_POLICY },
{ "validate", no_argument, NULL, ARG_VALIDATE },
{ "mtree-hash", required_argument, NULL, ARG_MTREE_HASH },
{ "make-archive", no_argument, NULL, ARG_MAKE_ARCHIVE },
{ "shift", no_argument, NULL, ARG_SHIFT },
{ "system", no_argument, NULL, ARG_SYSTEM },
{ "user", no_argument, NULL, ARG_USER },
{ "all", no_argument, NULL, ARG_ALL },
{}
};
_cleanup_free_ char **buf = NULL; /* we use free(), not strv_free() here, as we don't copy the strings here */
bool system_scope_requested = false, user_scope_requested = false;
int c, r;
assert(argc >= 0);
assert(argv);
r = patch_argv(&argc, &argv, &buf);
if (r < 0)
return r;
while ((c = getopt_long(argc, argv, "hmurMUlxa", options, NULL)) >= 0) {
switch (c) {
case 'h':
return help();
case ARG_VERSION:
return version();
case ARG_NO_PAGER:
arg_pager_flags |= PAGER_DISABLE;
break;
case ARG_NO_LEGEND:
arg_legend = false;
break;
case 'm':
arg_action = ACTION_MOUNT;
break;
case ARG_MKDIR:
arg_flags |= DISSECT_IMAGE_MKDIR;
break;
case 'M':
/* Shortcut combination of the above two */
arg_action = ACTION_MOUNT;
arg_flags |= DISSECT_IMAGE_MKDIR;
break;
case 'u':
arg_action = ACTION_UMOUNT;
break;
case ARG_RMDIR:
arg_rmdir = true;
break;
case 'U':
/* Shortcut combination of the above two */
arg_action = ACTION_UMOUNT;
arg_rmdir = true;
break;
case ARG_ATTACH:
arg_action = ACTION_ATTACH;
break;
case ARG_DETACH:
arg_action = ACTION_DETACH;
break;
case 'l':
arg_action = ACTION_LIST;
arg_flags |= DISSECT_IMAGE_READ_ONLY;
break;
case ARG_MTREE:
arg_action = ACTION_MTREE;
arg_flags |= DISSECT_IMAGE_READ_ONLY;
break;
case ARG_WITH:
arg_action = ACTION_WITH;
break;
case 'x':
arg_action = ACTION_COPY_FROM;
arg_flags |= DISSECT_IMAGE_READ_ONLY;
break;
case 'a':
arg_action = ACTION_COPY_TO;
break;
case 'r':
arg_flags |= DISSECT_IMAGE_READ_ONLY;
break;
case ARG_DISCARD: {
DissectImageFlags flags;
if (streq(optarg, "disabled"))
flags = 0;
else if (streq(optarg, "loop"))
flags = DISSECT_IMAGE_DISCARD_ON_LOOP;
else if (streq(optarg, "all"))
flags = DISSECT_IMAGE_DISCARD_ON_LOOP | DISSECT_IMAGE_DISCARD;
else if (streq(optarg, "crypt"))
flags = DISSECT_IMAGE_DISCARD_ANY;
else if (streq(optarg, "list")) {
puts("disabled\n"
"all\n"
"crypt\n"
"loop");
return 0;
} else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Unknown --discard= parameter: %s",
optarg);
arg_flags = (arg_flags & ~DISSECT_IMAGE_DISCARD_ANY) | flags;
break;
}
case ARG_IN_MEMORY:
arg_in_memory = true;
break;
case ARG_ROOT_HASH: {
_cleanup_free_ void *p = NULL;
size_t l;
r = unhexmem(optarg, &p, &l);
if (r < 0)
return log_error_errno(r, "Failed to parse root hash '%s': %m", optarg);
if (l < sizeof(sd_id128_t))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Root hash must be at least 128-bit long: %s", optarg);
free_and_replace(arg_verity_settings.root_hash, p);
arg_verity_settings.root_hash_size = l;
break;
}
case ARG_ROOT_HASH_SIG: {
char *value;
size_t l;
void *p;
if ((value = startswith(optarg, "base64:"))) {
r = unbase64mem(value, &p, &l);
if (r < 0)
return log_error_errno(r, "Failed to parse root hash signature '%s': %m", optarg);
} else {
r = read_full_file(optarg, (char**) &p, &l);
if (r < 0)
return log_error_errno(r, "Failed to read root hash signature file '%s': %m", optarg);
}
free_and_replace(arg_verity_settings.root_hash_sig, p);
arg_verity_settings.root_hash_sig_size = l;
break;
}
case ARG_VERITY_DATA:
r = parse_path_argument(optarg, false, &arg_verity_settings.data_path);
if (r < 0)
return r;
break;
case ARG_FSCK:
r = parse_boolean(optarg);
if (r < 0)
return log_error_errno(r, "Failed to parse --fsck= parameter: %s", optarg);
SET_FLAG(arg_flags, DISSECT_IMAGE_FSCK, r);
break;
case ARG_GROWFS:
r = parse_boolean(optarg);
if (r < 0)
return log_error_errno(r, "Failed to parse --growfs= parameter: %s", optarg);
SET_FLAG(arg_flags, DISSECT_IMAGE_GROWFS, r);
break;
case ARG_JSON:
r = parse_json_argument(optarg, &arg_json_format_flags);
if (r <= 0)
return r;
break;
case ARG_DISCOVER:
arg_action = ACTION_DISCOVER;
break;
case ARG_LOOP_REF:
if (isempty(optarg)) {
arg_loop_ref = mfree(arg_loop_ref);
break;
}
if (strlen(optarg) >= sizeof_field(struct loop_info64, lo_file_name))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Loop device ref string '%s' is too long.", optarg);
r = free_and_strdup_warn(&arg_loop_ref, optarg);
if (r < 0)
return r;
break;
case ARG_IMAGE_POLICY:
r = parse_image_policy_argument(optarg, &arg_image_policy);
if (r < 0)
return r;
break;
case ARG_VALIDATE:
arg_action = ACTION_VALIDATE;
break;
case ARG_MTREE_HASH:
r = parse_boolean_argument("--mtree-hash=", optarg, &arg_mtree_hash);
if (r < 0)
return r;
break;
case ARG_MAKE_ARCHIVE:
r = dlopen_libarchive();
if (r < 0)
return log_error_errno(r, "Archive support not available (compiled without libarchive, or libarchive not installed?).");
arg_action = ACTION_MAKE_ARCHIVE;
break;
case ARG_SHIFT:
arg_action = ACTION_SHIFT;
break;
case ARG_SYSTEM:
system_scope_requested = true;
break;
case ARG_USER:
user_scope_requested = true;
break;
case ARG_ALL:
arg_all = true;
break;
case '?':
return -EINVAL;
default:
assert_not_reached();
}
}
if (system_scope_requested || user_scope_requested)
arg_runtime_scope = system_scope_requested && user_scope_requested ? _RUNTIME_SCOPE_INVALID :
system_scope_requested ? RUNTIME_SCOPE_SYSTEM : RUNTIME_SCOPE_USER;
switch (arg_action) {
case ACTION_DISSECT:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path as only argument.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
/* when dumping image info be even more liberal than otherwise, do not even require a single valid partition */
arg_flags |= DISSECT_IMAGE_READ_ONLY|DISSECT_IMAGE_ALLOW_EMPTY;
break;
case ACTION_MOUNT:
if (optind + 2 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path and mount point path as only arguments.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
r = parse_path_argument(argv[optind+1], /* suppress_root= */ false, &arg_path);
if (r < 0)
return r;
arg_flags |= DISSECT_IMAGE_REQUIRE_ROOT;
break;
case ACTION_UMOUNT:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected a mount point path as only argument.");
r = parse_path_argument(argv[optind], /* suppress_root= */ false, &arg_path);
if (r < 0)
return r;
break;
case ACTION_ATTACH:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path as only argument.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
break;
case ACTION_DETACH:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path or loopback device as only argument.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
break;
case ACTION_LIST:
case ACTION_MTREE:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file or directory path as only argument.");
r = parse_image_path_argument(argv[optind], &arg_root, &arg_image);
if (r < 0)
return r;
arg_flags |= DISSECT_IMAGE_READ_ONLY | DISSECT_IMAGE_REQUIRE_ROOT;
break;
case ACTION_MAKE_ARCHIVE:
if (argc < optind + 1 || argc > optind + 2)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file, and an optional target path as only arguments.");
r = parse_image_path_argument(argv[optind], &arg_root, &arg_image);
if (r < 0)
return r;
arg_target = argc > optind + 1 ? empty_or_dash_to_null(argv[optind + 1]) : NULL;
arg_flags |= DISSECT_IMAGE_READ_ONLY | DISSECT_IMAGE_REQUIRE_ROOT;
break;
case ACTION_COPY_FROM:
if (argc < optind + 2 || argc > optind + 3)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file or directory path, a source path and an optional destination path as only arguments.");
r = parse_image_path_argument(argv[optind], &arg_root, &arg_image);
if (r < 0)
return r;
arg_source = argv[optind + 1];
arg_target = argc > optind + 2 ? argv[optind + 2] : "-" /* this means stdout */ ;
arg_flags |= DISSECT_IMAGE_READ_ONLY | DISSECT_IMAGE_REQUIRE_ROOT;
break;
case ACTION_COPY_TO:
if (argc < optind + 2 || argc > optind + 3)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file or directory path, an optional source path and a destination path as only arguments.");
r = parse_image_path_argument(argv[optind], &arg_root, &arg_image);
if (r < 0)
return r;
if (argc > optind + 2) {
arg_source = argv[optind + 1];
arg_target = argv[optind + 2];
} else {
arg_source = "-"; /* this means stdin */
arg_target = argv[optind + 1];
}
arg_flags |= DISSECT_IMAGE_REQUIRE_ROOT;
break;
case ACTION_WITH:
if (optind >= argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path and an optional command line.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
if (argc > optind + 1) {
arg_argv = strv_copy(argv + optind + 1);
if (!arg_argv)
return log_oom();
}
break;
case ACTION_DISCOVER:
if (optind != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected no argument.");
break;
case ACTION_VALIDATE:
if (optind + 1 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path as only argument.");
r = parse_image_path_argument(argv[optind], NULL, &arg_image);
if (r < 0)
return r;
arg_flags |= DISSECT_IMAGE_READ_ONLY;
arg_flags &= ~(DISSECT_IMAGE_PIN_PARTITION_DEVICES|DISSECT_IMAGE_ADD_PARTITION_DEVICES);
break;
case ACTION_SHIFT:
if (optind + 2 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image path and a UID base as only argument.");
r = parse_image_path_argument(argv[optind], &arg_root, &arg_image);
if (r < 0)
return r;
if (streq(argv[optind + 1], "foreign"))
arg_uid_base = FOREIGN_UID_BASE;
else {
r = parse_uid(argv[optind + 1], &arg_uid_base);
if (r < 0)
return log_error_errno(r, "Failed to parse UID base: %s", argv[optind + 1]);
if ((arg_uid_base & 0xFFFF) != 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Selected UID base not a multiple of 64K: " UID_FMT, arg_uid_base);
if (arg_uid_base != 0 &&
!uid_is_container(arg_uid_base) &&
!uid_is_foreign(arg_uid_base))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Selected UID range is not in the container range, nor the foreign one, refusing.");
}
arg_flags |= DISSECT_IMAGE_REQUIRE_ROOT;
break;
default:
assert_not_reached();
}
r = getenv_bool("SYSTEMD_USE_MOUNTFSD");
if (r < 0) {
if (r != -ENXIO)
return log_error_errno(r, "Failed to parse $SYSTEMD_USE_MOUNTFSD: %m");
} else
arg_via_service = r;
if (!IN_SET(arg_action, ACTION_DISSECT, ACTION_LIST, ACTION_MTREE, ACTION_COPY_FROM, ACTION_COPY_TO, ACTION_DISCOVER, ACTION_VALIDATE) && geteuid() != 0)
return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Need to be root.");
SET_FLAG(arg_flags, DISSECT_IMAGE_ALLOW_INTERACTIVE_AUTH, isatty_safe(STDIN_FILENO));
return 1;
}
static int parse_argv_as_mount_helper(int argc, char *argv[]) {
const char *options = NULL;
bool fake = false;
int c, r;
/* Implements util-linux "external helper" command line interface, as per mount(8) man page. */
while ((c = getopt(argc, argv, "sfnvN:o:t:")) >= 0) {
switch (c) {
case 'f':
fake = true;
break;
case 'o':
options = optarg;
break;
case 't':
if (!streq(optarg, "ddi"))
log_debug("Unexpected file system type '%s', ignoring.", optarg);
break;
case 's': /* sloppy mount options */
case 'n': /* aka --no-mtab */
case 'v': /* aka --verbose */
log_debug("Ignoring option -%c, not implemented.", c);
break;
case 'N': /* aka --namespace= */
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Option -%c is not implemented, refusing.", c);
case '?':
return -EINVAL;
}
}
if (optind + 2 != argc)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Expected an image file path and target directory as only argument.");
for (const char *p = options;;) {
_cleanup_free_ char *word = NULL;
r = extract_first_word(&p, &word, ",", EXTRACT_KEEP_QUOTE);
if (r < 0)
return log_error_errno(r, "Failed to extract mount option: %m");
if (r == 0)
break;
if (streq(word, "ro"))
SET_FLAG(arg_flags, DISSECT_IMAGE_READ_ONLY, true);
else if (streq(word, "rw"))
SET_FLAG(arg_flags, DISSECT_IMAGE_READ_ONLY, false);
else if (streq(word, "discard"))
SET_FLAG(arg_flags, DISSECT_IMAGE_DISCARD_ANY, true);
else if (streq(word, "nodiscard"))
SET_FLAG(arg_flags, DISSECT_IMAGE_DISCARD_ANY, false);
else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Unknown mount option '%s'.", word);
}
if (fake)
return 0;
r = parse_path_argument(argv[optind], /* suppress_root= */ false, &arg_image);
if (r < 0)
return r;
r = parse_path_argument(argv[optind+1], /* suppress_root= */ false, &arg_path);
if (r < 0)
return r;
arg_flags |= DISSECT_IMAGE_REQUIRE_ROOT;
arg_action = ACTION_MOUNT;
return 1;
}
static void strv_pair_print(char **l, const char *prefix) {
assert(prefix);
STRV_FOREACH_PAIR(p, q, l)
if (p == l)
printf("%s %s=%s\n", prefix, *p, *q);
else
printf("%*s %s=%s\n", (int) strlen(prefix), "", *p, *q);
}
static int get_extension_scopes(DissectedImage *m, ImageClass class, char ***ret_scopes) {
_cleanup_strv_free_ char **l = NULL;
const char *e, *field_name;
char **release_data;
assert(m);
assert(ret_scopes);
switch (class) {
case IMAGE_SYSEXT:
release_data = m->sysext_release;
field_name = "SYSEXT_SCOPE";
break;
case IMAGE_CONFEXT:
release_data = m->confext_release;
field_name = "CONFEXT_SCOPE";
break;
default:
return -EINVAL;
}
/* If there's no extension-release file its not a system extension. Otherwise the SYSEXT_SCOPE
* field for sysext images and the CONFEXT_SCOPE field for confext images indicates which scope
* it is for — and it defaults to "system" + "portable" if unset. */
if (!release_data) {
*ret_scopes = NULL;
return 0;
}
e = strv_env_pairs_get(release_data, field_name);
if (e)
l = strv_split(e, WHITESPACE);
else
l = strv_new("system", "portable");
if (!l)
return -ENOMEM;
*ret_scopes = TAKE_PTR(l);
return 1;
}
static int action_dissect(
DissectedImage *m,
LoopDevice *d,
int userns_fd) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *v = NULL;
_cleanup_(table_unrefp) Table *t = NULL;
_cleanup_free_ char *bn = NULL;
uint64_t size = UINT64_MAX;
int r;
assert(m);
r = path_extract_filename(arg_image, &bn);
if (r < 0)
return log_error_errno(r, "Failed to extract file name from image path '%s': %m", arg_image);
if (arg_json_format_flags & (SD_JSON_FORMAT_OFF|SD_JSON_FORMAT_PRETTY|SD_JSON_FORMAT_PRETTY_AUTO))
pager_open(arg_pager_flags);
if (!sd_json_format_enabled(arg_json_format_flags)) {
printf(" File Name: %s%s%s\n",
ansi_highlight(), bn, ansi_normal());
printf(" Size: %s\n",
FORMAT_BYTES(m->image_size));
printf(" Sec. Size: %" PRIu32 "\n",
m->sector_size);
printf(" Arch.: %s\n",
strna(architecture_to_string(dissected_image_architecture(m))));
putc('\n', stdout);
fflush(stdout);
}
r = dissected_image_acquire_metadata(m, userns_fd, /* extra_flags= */ 0);
if (r == -ENXIO)
return log_error_errno(r, "No root partition discovered.");
if (r == -EUCLEAN)
return log_error_errno(r, "File system check of image failed.");
if (r == -EMEDIUMTYPE)
log_warning_errno(r, "Not a valid OS image, no os-release file included. Proceeding anyway.");
else if (r == -EUNATCH)
log_warning_errno(r, "OS image is encrypted, proceeding without showing OS image metadata.");
else if (r == -EBUSY)
log_warning_errno(r, "OS image is currently in use, proceeding without showing OS image metadata.");
else if (r < 0)
return log_error_errno(r, "Failed to acquire image metadata: %m");
else if (!sd_json_format_enabled(arg_json_format_flags)) {
if (m->image_name && !streq(m->image_name, bn))
printf("Image Name: %s\n", m->image_name);
if (!sd_id128_is_null(m->image_uuid))
printf("Image UUID: %s\n", SD_ID128_TO_UUID_STRING(m->image_uuid));
if (m->hostname)
printf(" Hostname: %s\n", m->hostname);
if (!sd_id128_is_null(m->machine_id))
printf("Machine ID: " SD_ID128_FORMAT_STR "\n", SD_ID128_FORMAT_VAL(m->machine_id));
strv_pair_print(m->machine_info,
"Mach. Info:");
strv_pair_print(m->os_release,
"OS Release:");
strv_pair_print(m->initrd_release,
"initrd R.:");
strv_pair_print(m->sysext_release,
" sysext R.:");
strv_pair_print(m->confext_release,
"confext R.:");
if (m->hostname ||
!sd_id128_is_null(m->machine_id) ||
!strv_isempty(m->machine_info) ||
!strv_isempty(m->os_release) ||
!strv_isempty(m->initrd_release) ||
!strv_isempty(m->sysext_release) ||
!strv_isempty(m->confext_release))
putc('\n', stdout);
printf(" Use As: %s bootable system for UEFI\n",
COLOR_MARK_BOOL(dissected_image_is_bootable_uefi(m)));
printf(" %s bootable system for container\n",
COLOR_MARK_BOOL(dissected_image_is_bootable_os(m)));
printf(" %s portable service\n",
COLOR_MARK_BOOL(dissected_image_is_portable(m)));
printf(" %s initrd\n",
COLOR_MARK_BOOL(dissected_image_is_initrd(m)));
for (ImageClass c = _IMAGE_CLASS_EXTENSION_FIRST; c <= _IMAGE_CLASS_EXTENSION_LAST; c++) {
const char *string_class = image_class_to_string(c);
_cleanup_strv_free_ char **extension_scopes = NULL;
r = get_extension_scopes(m, c, &extension_scopes);
if (r < 0)
return log_error_errno(r, "Failed to parse scopes: %m");
printf(" %s %s for system\n",
COLOR_MARK_BOOL(strv_contains(extension_scopes, "system")), string_class);
printf(" %s %s for portable service\n",
COLOR_MARK_BOOL(strv_contains(extension_scopes, "portable")), string_class);
printf(" %s %s for initrd\n",
COLOR_MARK_BOOL(strv_contains(extension_scopes, "initrd")), string_class);
}
putc('\n', stdout);
} else {
_cleanup_strv_free_ char **sysext_scopes = NULL, **confext_scopes = NULL;
r = get_extension_scopes(m, IMAGE_SYSEXT, &sysext_scopes);
if (r < 0)
return log_error_errno(r, "Failed to parse sysext scopes: %m");
r = get_extension_scopes(m, IMAGE_CONFEXT, &confext_scopes);
if (r < 0)
return log_error_errno(r, "Failed to parse confext scopes: %m");
Architecture a = dissected_image_architecture(m);
r = sd_json_buildo(
&v,
SD_JSON_BUILD_PAIR("name", SD_JSON_BUILD_STRING(bn)),
SD_JSON_BUILD_PAIR_CONDITION(size != UINT64_MAX, "size", SD_JSON_BUILD_INTEGER(size)),
SD_JSON_BUILD_PAIR("sectorSize", SD_JSON_BUILD_INTEGER(m->sector_size)),
SD_JSON_BUILD_PAIR_CONDITION(a >= 0, "architecture", SD_JSON_BUILD_STRING(architecture_to_string(a))),
SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(m->image_uuid), "imageUuid", SD_JSON_BUILD_UUID(m->image_uuid)),
SD_JSON_BUILD_PAIR_CONDITION(!!m->hostname, "hostname", SD_JSON_BUILD_STRING(m->hostname)),
SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(m->machine_id), "machineId", SD_JSON_BUILD_ID128(m->machine_id)),
SD_JSON_BUILD_PAIR_CONDITION(!strv_isempty(m->machine_info), "machineInfo", JSON_BUILD_STRV_ENV_PAIR(m->machine_info)),
SD_JSON_BUILD_PAIR_CONDITION(!strv_isempty(m->os_release), "osRelease", JSON_BUILD_STRV_ENV_PAIR(m->os_release)),
SD_JSON_BUILD_PAIR_CONDITION(!strv_isempty(m->initrd_release), "initrdRelease", JSON_BUILD_STRV_ENV_PAIR(m->initrd_release)),
SD_JSON_BUILD_PAIR_CONDITION(!strv_isempty(m->sysext_release), "sysextRelease", JSON_BUILD_STRV_ENV_PAIR(m->sysext_release)),
SD_JSON_BUILD_PAIR_CONDITION(!strv_isempty(m->confext_release), "confextRelease", JSON_BUILD_STRV_ENV_PAIR(m->confext_release)),
SD_JSON_BUILD_PAIR("useBootableUefi", SD_JSON_BUILD_BOOLEAN(dissected_image_is_bootable_uefi(m))),
SD_JSON_BUILD_PAIR("useBootableContainer", SD_JSON_BUILD_BOOLEAN(dissected_image_is_bootable_os(m))),
SD_JSON_BUILD_PAIR("useInitrd", SD_JSON_BUILD_BOOLEAN(dissected_image_is_initrd(m))),
SD_JSON_BUILD_PAIR("usePortableService", SD_JSON_BUILD_BOOLEAN(dissected_image_is_portable(m))),
SD_JSON_BUILD_PAIR("useSystemExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(sysext_scopes, "system"))),
SD_JSON_BUILD_PAIR("useInitRDSystemExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(sysext_scopes, "initrd"))),
SD_JSON_BUILD_PAIR("usePortableSystemExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(sysext_scopes, "portable"))),
SD_JSON_BUILD_PAIR("useConfigurationExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(confext_scopes, "system"))),
SD_JSON_BUILD_PAIR("useInitRDConfigurationExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(confext_scopes, "initrd"))),
SD_JSON_BUILD_PAIR("usePortableConfigurationExtension", SD_JSON_BUILD_BOOLEAN(strv_contains(confext_scopes, "portable"))));
if (r < 0)
return log_oom();
}
t = table_new("rw", "designator", "partition uuid", "partition label", "fstype", "architecture", "verity", "growfs", "node", "partno");
if (!t)
return log_oom();
table_set_ersatz_string(t, TABLE_ERSATZ_DASH);
(void) table_set_align_percent(t, table_get_cell(t, 0, 9), 100);
/* Hide the device path if this is a loopback device that is not relinquished, since that means the
* device node is not going to be useful the instant our command exits */
if ((!d || d->created) && !sd_json_format_enabled(arg_json_format_flags))
table_hide_column_from_display(t, 8);
for (PartitionDesignator i = 0; i < _PARTITION_DESIGNATOR_MAX; i++) {
DissectedPartition *p = m->partitions + i;
if (!p->found)
continue;
r = table_add_many(
t,
TABLE_STRING, p->rw ? "rw" : "ro",
TABLE_STRING, partition_designator_to_string(i));
if (r < 0)
return table_log_add_error(r);
if (sd_id128_is_null(p->uuid))
r = table_add_cell(t, NULL, TABLE_EMPTY, NULL);
else
r = table_add_cell(t, NULL, TABLE_UUID, &p->uuid);
if (r < 0)
return table_log_add_error(r);
r = table_add_many(
t,
TABLE_STRING, p->label,
TABLE_STRING, p->fstype,
TABLE_STRING, architecture_to_string(p->architecture));
if (r < 0)
return table_log_add_error(r);
if (arg_verity_settings.data_path)
r = table_add_cell(t, NULL, TABLE_STRING, "external");
else if (dissected_image_verity_candidate(m, i))
r = table_add_cell(t, NULL, TABLE_STRING,
dissected_image_verity_sig_ready(m, i) ? "signed" :
yes_no(dissected_image_verity_ready(m, i)));
else
r = table_add_cell(t, NULL, TABLE_EMPTY, NULL);
if (r < 0)
return table_log_add_error(r);
r = table_add_many(t, TABLE_BOOLEAN, (int) p->growfs);
if (r < 0)
return table_log_add_error(r);
if (p->partno < 0) /* no partition table, naked file system */ {
r = table_add_cell(t, NULL, TABLE_PATH_BASENAME, arg_image);
if (r < 0)
return table_log_add_error(r);
r = table_add_cell(t, NULL, TABLE_EMPTY, NULL);
} else {
r = table_add_cell(t, NULL, TABLE_STRING, p->node);
if (r < 0)
return table_log_add_error(r);
r = table_add_cell(t, NULL, TABLE_INT, &p->partno);
}
if (r < 0)
return table_log_add_error(r);
}
if (!sd_json_format_enabled(arg_json_format_flags)) {
(void) table_set_header(t, arg_legend);
r = table_print(t, NULL);
if (r < 0)
return table_log_print_error(r);
} else {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *jt = NULL;
r = table_to_json(t, &jt);
if (r < 0)
return log_error_errno(r, "Failed to convert table to JSON: %m");
r = sd_json_variant_set_field(&v, "mounts", jt);
if (r < 0)
return log_oom();
sd_json_variant_dump(v, arg_json_format_flags, stdout, NULL);
}
return 0;
}
static int action_mount(DissectedImage *m, LoopDevice *d) {
int r;
assert(m);
assert(arg_action == ACTION_MOUNT);
r = dissected_image_mount_and_warn(
m,
arg_path,
/* uid_shift= */ UID_INVALID,
/* uid_range= */ UID_INVALID,
/* userns_fd= */ -EBADF,
arg_flags);
if (r < 0)
return r;
if (d) {
r = loop_device_flock(d, LOCK_UN);
if (r < 0)
return log_error_errno(r, "Failed to unlock loopback block device: %m");
}
r = dissected_image_relinquish(m);
if (r < 0)
return log_error_errno(r, "Failed to relinquish DM and loopback block devices: %m");
return 0;
}
static int list_print_item(
RecurseDirEvent event,
const char *path,
int dir_fd,
int inode_fd,
const struct dirent *de,
const struct statx *sx,
void *userdata) {
assert(path);
if (event == RECURSE_DIR_ENTER)
printf("%s%s/%s\n", path, ansi_grey(), ansi_normal());
else if (event == RECURSE_DIR_ENTRY)
printf("%s\n", path);
return RECURSE_DIR_CONTINUE;
}
static int get_file_sha256(int inode_fd, uint8_t ret[static SHA256_DIGEST_SIZE]) {
_cleanup_close_ int fd = -EBADF;
/* convert O_PATH fd into a regular one */
fd = fd_reopen(inode_fd, O_RDONLY|O_CLOEXEC);
if (fd < 0)
return fd;
/* Calculating the SHA sum might be slow, hence let's flush STDOUT first, to give user an idea where we are slow. */
fflush(stdout);
return sha256_fd(fd, UINT64_MAX, ret);
}
static const char *pick_color_for_uid_gid(uid_t uid) {
if (uid == UID_NOBODY)
return ansi_highlight_yellow4(); /* files should never be owned by 'nobody' (but might happen due to userns mapping) */
if (uid_is_system(uid))
return ansi_normal(); /* files in disk images are typically owned by root and other system users, no issue there */
if (uid_is_dynamic(uid))
return ansi_highlight_red(); /* files should never be owned persistently by dynamic users, and there are just no excuses */
if (uid_is_container(uid) || uid_is_foreign(uid))
return ansi_highlight_cyan();
return ansi_highlight();
}
static int mtree_print_item(
RecurseDirEvent event,
const char *path,
int dir_fd,
int inode_fd,
const struct dirent *de,
const struct statx *sx,
void *userdata) {
_cleanup_free_ char *escaped = NULL;
int r;
assert(path);
if (!IN_SET(event, RECURSE_DIR_ENTER, RECURSE_DIR_ENTRY))
return RECURSE_DIR_CONTINUE;
assert(sx);
if (isempty(path))
path = ".";
else {
/* BSD mtree uses either C or octal escaping, and covers whitespace, comments and glob characters. We use C style escaping and follow suit */
path = escaped = xescape(path, WHITESPACE COMMENTS GLOB_CHARS);
if (!escaped)
return log_oom();
}
printf("%s", isempty(path) ? "." : path);
if (FLAGS_SET(sx->stx_mask, STATX_TYPE)) {
if (S_ISDIR(sx->stx_mode))
printf("%s/%s", ansi_grey(), ansi_normal());
printf(" %stype=%s%s%s%s",
ansi_grey(),
ansi_normal(),
S_ISDIR(sx->stx_mode) ? ansi_highlight_blue() :
S_ISLNK(sx->stx_mode) ? ansi_highlight_cyan() :
(S_ISFIFO(sx->stx_mode) || S_ISCHR(sx->stx_mode) || S_ISBLK(sx->stx_mode)) ? ansi_highlight_yellow4() :
S_ISSOCK(sx->stx_mode) ? ansi_highlight_magenta() : "",
ASSERT_PTR(S_ISDIR(sx->stx_mode) ? "dir" :
S_ISREG(sx->stx_mode) ? "file" :
S_ISLNK(sx->stx_mode) ? "link" :
S_ISFIFO(sx->stx_mode) ? "fifo" :
S_ISBLK(sx->stx_mode) ? "block" :
S_ISCHR(sx->stx_mode) ? "char" :
S_ISSOCK(sx->stx_mode) ? "socket" : NULL),
ansi_normal());
}
if (FLAGS_SET(sx->stx_mask, STATX_MODE) && (!FLAGS_SET(sx->stx_mask, STATX_TYPE) || !S_ISLNK(sx->stx_mode)))
printf(" %smode=%s%04o",
ansi_grey(),
ansi_normal(),
(unsigned) (sx->stx_mode & 0777));
if (FLAGS_SET(sx->stx_mask, STATX_UID))
printf(" %suid=%s" UID_FMT "%s",
ansi_grey(),
pick_color_for_uid_gid(sx->stx_uid),
sx->stx_uid,
ansi_normal());
if (FLAGS_SET(sx->stx_mask, STATX_GID))
printf(" %sgid=%s" GID_FMT "%s",
ansi_grey(),
pick_color_for_uid_gid(sx->stx_gid),
sx->stx_gid,
ansi_normal());
if (FLAGS_SET(sx->stx_mask, STATX_TYPE|STATX_SIZE) && S_ISREG(sx->stx_mode)) {
printf(" %ssize=%s%" PRIu64,
ansi_grey(),
ansi_normal(),
(uint64_t) sx->stx_size);
if (arg_mtree_hash && inode_fd >= 0 && sx->stx_size > 0) {
uint8_t hash[SHA256_DIGEST_SIZE];
r = get_file_sha256(inode_fd, hash);
if (r < 0)
log_warning_errno(r, "Failed to calculate file SHA256 sum for '%s', ignoring: %m", path);
else {
_cleanup_free_ char *h = NULL;
h = hexmem(hash, sizeof(hash));
if (!h)
return log_oom();
printf(" %ssha256sum=%s%s",
ansi_grey(),
ansi_normal(),
h);
}
}
}
if (FLAGS_SET(sx->stx_mask, STATX_TYPE) && S_ISLNK(sx->stx_mode) && inode_fd >= 0) {
_cleanup_free_ char *target = NULL;
r = readlinkat_malloc(inode_fd, "", &target);
if (r < 0)
log_warning_errno(r, "Failed to read symlink '%s', ignoring: %m", path);
else {
_cleanup_free_ char *target_escaped = NULL;
target_escaped = xescape(target, WHITESPACE COMMENTS GLOB_CHARS);
if (!target_escaped)
return log_oom();
printf(" %slink=%s%s",
ansi_grey(),
ansi_normal(),
target_escaped);
}
}
if (FLAGS_SET(sx->stx_mask, STATX_TYPE) && (S_ISBLK(sx->stx_mode) || S_ISCHR(sx->stx_mode)))
printf(" %sdevice=%slinux,%" PRIu64 ",%" PRIu64,
ansi_grey(),
ansi_normal(),
(uint64_t) sx->stx_rdev_major,
(uint64_t) sx->stx_rdev_minor);
printf("\n");
return RECURSE_DIR_CONTINUE;
}
#if HAVE_LIBARCHIVE
static int archive_item(
RecurseDirEvent event,
const char *path,
int dir_fd,
int inode_fd,
const struct dirent *de,
const struct statx *sx,
void *userdata) {
struct archive *a = ASSERT_PTR(userdata);
int r;
assert(path);
if (!IN_SET(event, RECURSE_DIR_ENTER, RECURSE_DIR_ENTRY))
return RECURSE_DIR_CONTINUE;
assert(inode_fd >= 0);
assert(sx);
log_debug("Archiving %s\n", path);
_cleanup_(sym_archive_entry_freep) struct archive_entry *entry = NULL;
entry = sym_archive_entry_new();
if (!entry)
return log_oom();
assert(FLAGS_SET(sx->stx_mask, STATX_TYPE|STATX_MODE));
sym_archive_entry_set_pathname(entry, path);
sym_archive_entry_set_filetype(entry, sx->stx_mode);
if (!S_ISLNK(sx->stx_mode))
sym_archive_entry_set_perm(entry, sx->stx_mode);
if (FLAGS_SET(sx->stx_mask, STATX_UID))
sym_archive_entry_set_uid(entry, sx->stx_uid);
if (FLAGS_SET(sx->stx_mask, STATX_GID))
sym_archive_entry_set_gid(entry, sx->stx_gid);
if (S_ISREG(sx->stx_mode)) {
if (!FLAGS_SET(sx->stx_mask, STATX_SIZE))
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Unable to determine file size of '%s'.", path);
sym_archive_entry_set_size(entry, sx->stx_size);
}
if (S_ISCHR(sx->stx_mode) || S_ISBLK(sx->stx_mode)) {
sym_archive_entry_set_rdevmajor(entry, sx->stx_rdev_major);
sym_archive_entry_set_rdevminor(entry, sx->stx_rdev_minor);
}
/* We care about a modicum of reproducibility here, hence we don't save atime/btime here */
if (FLAGS_SET(sx->stx_mask, STATX_MTIME))
sym_archive_entry_set_mtime(entry, sx->stx_mtime.tv_sec, sx->stx_mtime.tv_nsec);
if (FLAGS_SET(sx->stx_mask, STATX_CTIME))
sym_archive_entry_set_ctime(entry, sx->stx_ctime.tv_sec, sx->stx_ctime.tv_nsec);
if (S_ISLNK(sx->stx_mode)) {
_cleanup_free_ char *s = NULL;
assert(dir_fd >= 0);
assert(de);
r = readlinkat_malloc(dir_fd, de->d_name, &s);
if (r < 0)
return log_error_errno(r, "Failed to read symlink target of '%s': %m", path);
sym_archive_entry_set_symlink(entry, s);
}
if (sym_archive_write_header(a, entry) != ARCHIVE_OK)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to write archive entry header: %s", sym_archive_error_string(a));
if (S_ISREG(sx->stx_mode)) {
_cleanup_close_ int data_fd = -EBADF;
/* Convert the O_PATH fd in a proper fd */
data_fd = fd_reopen(inode_fd, O_RDONLY|O_CLOEXEC);
if (data_fd < 0)
return log_error_errno(data_fd, "Failed to open '%s': %m", path);
for (;;) {
char buffer[64*1024];
ssize_t l;
l = read(data_fd, buffer, sizeof(buffer));
if (l < 0)
return log_error_errno(errno, "Failed to read '%s': %m", path);
if (l == 0)
break;
la_ssize_t k;
k = sym_archive_write_data(a, buffer, l);
if (k < 0)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to write archive data: %s", sym_archive_error_string(a));
}
}
return RECURSE_DIR_CONTINUE;
}
#endif
static int action_list_or_mtree_or_copy_or_make_archive(DissectedImage *m, LoopDevice *d, int userns_fd) {
_cleanup_(umount_and_freep) char *mounted_dir = NULL;
_cleanup_free_ char *t = NULL;
const char *root;
int r;
assert(IN_SET(arg_action, ACTION_LIST, ACTION_MTREE, ACTION_COPY_FROM, ACTION_COPY_TO, ACTION_MAKE_ARCHIVE, ACTION_SHIFT));
if (arg_image) {
assert(m);
if (userns_fd < 0)
r = detach_mount_namespace_harder(0, 0);
else
r = detach_mount_namespace_userns(userns_fd);
if (r < 0)
return log_error_errno(r, "Failed to detach mount namespace: %m");
/* Create a place we can mount things onto soon. We use a fixed path shared by all invocations. Given
* the mounts are done in a mount namespace there's not going to be a collision here */
r = get_common_dissect_directory(&t);
if (r < 0)
return log_error_errno(r, "Failed generate private mount directory: %m");
r = dissected_image_mount_and_warn(
m,
t,
/* uid_shift= */ UID_INVALID,
/* uid_range= */ UID_INVALID,
/* userns_fd= */ -EBADF,
arg_flags);
if (r < 0)
return r;
root = mounted_dir = TAKE_PTR(t);
if (d) {
r = loop_device_flock(d, LOCK_UN);
if (r < 0)
return log_error_errno(r, "Failed to unlock loopback block device: %m");
}
r = dissected_image_relinquish(m);
if (r < 0)
return log_error_errno(r, "Failed to relinquish DM and loopback block devices: %m");
dissected_image_close(m);
} else
root = arg_root;
switch (arg_action) {
case ACTION_COPY_FROM: {
_cleanup_close_ int source_fd = -EBADF, target_fd = -EBADF;
source_fd = chase_and_open(arg_source, root, CHASE_PREFIX_ROOT|CHASE_WARN, O_RDONLY|O_CLOEXEC|O_NOCTTY, NULL);
if (source_fd < 0)
return log_error_errno(source_fd, "Failed to open source path '%s' in image '%s': %m", arg_source, arg_image);
/* Copying to stdout? */
if (streq(arg_target, "-")) {
r = copy_bytes(source_fd, STDOUT_FILENO, UINT64_MAX, COPY_REFLINK);
if (r < 0)
return log_error_errno(r, "Failed to copy bytes from %s in mage '%s' to stdout: %m", arg_source, arg_image);
/* When we copy to stdout we don't copy any attributes (i.e. no access mode, no ownership, no xattr, no times) */
return 0;
}
/* Try to copy as directory? */
r = copy_directory_at(source_fd, NULL, AT_FDCWD, arg_target, COPY_REFLINK|COPY_MERGE|COPY_REPLACE|COPY_SIGINT|COPY_HARDLINKS);
if (r >= 0)
return 0;
if (r != -ENOTDIR)
return log_error_errno(r, "Failed to copy %s in image '%s' to '%s': %m", arg_source, arg_image, arg_target);
r = fd_verify_regular(source_fd);
if (r == -EISDIR)
return log_error_errno(r, "Target '%s' exists already and is not a directory.", arg_target);
if (r < 0)
return log_error_errno(r, "Source path %s in image '%s' is neither regular file nor directory, refusing: %m", arg_source, arg_image);
/* Nah, it's a plain file! */
target_fd = open(arg_target, O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
if (target_fd < 0)
return log_error_errno(errno, "Failed to create regular file at target path '%s': %m", arg_target);
r = copy_bytes(source_fd, target_fd, UINT64_MAX, COPY_REFLINK);
if (r < 0)
return log_error_errno(r, "Failed to copy bytes from %s in mage '%s' to '%s': %m", arg_source, arg_image, arg_target);
(void) copy_xattr(source_fd, NULL, target_fd, NULL, 0);
(void) copy_access(source_fd, target_fd);
(void) copy_times(source_fd, target_fd, 0);
/* When this is a regular file we don't copy ownership! */
return 0;
}
case ACTION_COPY_TO: {
_cleanup_close_ int source_fd = -EBADF, target_fd = -EBADF, dfd = -EBADF;
_cleanup_free_ char *dn = NULL, *bn = NULL;
bool is_dir;
r = path_extract_directory(arg_target, &dn);
if (r < 0)
return log_error_errno(r, "Failed to extract directory from target path '%s': %m", arg_target);
r = path_extract_filename(arg_target, &bn);
if (r < 0)
return log_error_errno(r, "Failed to extract filename from target path '%s': %m", arg_target);
is_dir = r == O_DIRECTORY;
r = chase(dn, root, CHASE_PREFIX_ROOT|CHASE_WARN, NULL, &dfd);
if (r < 0)
return log_error_errno(r, "Failed to open '%s': %m", dn);
/* Are we reading from stdin? */
if (streq(arg_source, "-")) {
if (is_dir)
return log_error_errno(SYNTHETIC_ERRNO(EISDIR), "Cannot copy STDIN to a directory, refusing.");
target_fd = openat(dfd, bn, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_EXCL, 0644);
if (target_fd < 0)
return log_error_errno(errno, "Failed to open target file '%s': %m", arg_target);
r = copy_bytes(STDIN_FILENO, target_fd, UINT64_MAX, COPY_REFLINK);
if (r < 0)
return log_error_errno(r, "Failed to copy bytes from stdin to '%s' in image '%s': %m", arg_target, arg_image);
/* When we copy from stdin we don't copy any attributes (i.e. no access mode, no ownership, no xattr, no times) */
return 0;
}
source_fd = open(arg_source, O_RDONLY|O_CLOEXEC|O_NOCTTY);
if (source_fd < 0)
return log_error_errno(source_fd, "Failed to open source path '%s': %m", arg_source);
r = fd_verify_regular(source_fd);
if (r < 0) {
if (r != -EISDIR)
return log_error_errno(r, "Source '%s' is neither regular file nor directory: %m", arg_source);
/* We are looking at a directory. */
target_fd = openat(dfd, bn, O_RDONLY|O_DIRECTORY|O_CLOEXEC);
if (target_fd < 0) {
if (errno != ENOENT)
return log_error_errno(errno, "Failed to open destination '%s': %m", arg_target);
r = copy_tree_at(source_fd, ".", dfd, bn, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_MERGE|COPY_REPLACE|COPY_SIGINT|COPY_HARDLINKS, NULL, NULL);
} else
r = copy_tree_at(source_fd, ".", target_fd, ".", UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_MERGE|COPY_REPLACE|COPY_SIGINT|COPY_HARDLINKS, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to copy '%s' to '%s' in image '%s': %m", arg_source, arg_target, arg_image);
return 0;
}
if (is_dir)
return log_error_errno(SYNTHETIC_ERRNO(EISDIR), "Source is a regular file, but target is not, refusing.");
/* We area looking at a regular file */
target_fd = openat(dfd, bn, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_EXCL, 0600);
if (target_fd < 0)
return log_error_errno(errno, "Failed to open target file '%s': %m", arg_target);
r = copy_bytes(source_fd, target_fd, UINT64_MAX, COPY_REFLINK);
if (r < 0)
return log_error_errno(r, "Failed to copy bytes from '%s' to '%s' in image '%s': %m", arg_source, arg_target, arg_image);
(void) copy_xattr(source_fd, NULL, target_fd, NULL, 0);
(void) copy_access(source_fd, target_fd);
(void) copy_times(source_fd, target_fd, 0);
/* When this is a regular file we don't copy ownership! */
return 0;
}
case ACTION_LIST:
case ACTION_MTREE: {
_cleanup_close_ int dfd = -EBADF;
dfd = open(root, O_DIRECTORY|O_CLOEXEC|O_RDONLY);
if (dfd < 0)
return log_error_errno(errno, "Failed to open mount directory: %m");
pager_open(arg_pager_flags);
if (arg_action == ACTION_LIST)
r = recurse_dir(dfd, NULL, 0, UINT_MAX, RECURSE_DIR_SORT, list_print_item, NULL);
else if (arg_action == ACTION_MTREE)
r = recurse_dir(dfd, ".", STATX_TYPE|STATX_MODE|STATX_UID|STATX_GID|STATX_SIZE, UINT_MAX, RECURSE_DIR_SORT|RECURSE_DIR_INODE_FD|RECURSE_DIR_TOPLEVEL, mtree_print_item, NULL);
else
assert_not_reached();
if (r < 0)
return log_error_errno(r, "Failed to list image: %m");
return 0;
}
case ACTION_MAKE_ARCHIVE: {
#if HAVE_LIBARCHIVE
_cleanup_(unlink_and_freep) char *tar = NULL;
_cleanup_close_ int dfd = -EBADF;
_cleanup_fclose_ FILE *f = NULL;
dfd = open(root, O_DIRECTORY|O_CLOEXEC|O_RDONLY);
if (dfd < 0)
return log_error_errno(errno, "Failed to open mount directory: %m");
_cleanup_(sym_archive_write_freep) struct archive *a = sym_archive_write_new();
if (!a)
return log_oom();
if (arg_target)
r = sym_archive_write_set_format_filter_by_ext(a, arg_target);
else
r = sym_archive_write_set_format_gnutar(a);
if (r != ARCHIVE_OK)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to set libarchive output format: %s", sym_archive_error_string(a));
if (arg_target) {
r = fopen_tmpfile_linkable(arg_target, O_WRONLY|O_CLOEXEC, &tar, &f);
if (r < 0)
return log_error_errno(r, "Failed to create target file '%s': %m", arg_target);
r = sym_archive_write_open_FILE(a, f);
} else {
if (isatty_safe(STDOUT_FILENO))
return log_error_errno(SYNTHETIC_ERRNO(EBADF), "Refusing to write archive to TTY.");
r = sym_archive_write_open_fd(a, STDOUT_FILENO);
}
if (r != ARCHIVE_OK)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to set libarchive output file: %s", sym_archive_error_string(a));
r = recurse_dir(dfd,
".",
STATX_TYPE|STATX_MODE|STATX_UID|STATX_GID|STATX_SIZE|STATX_ATIME|STATX_CTIME,
UINT_MAX,
RECURSE_DIR_SORT|RECURSE_DIR_INODE_FD|RECURSE_DIR_TOPLEVEL,
archive_item,
a);
if (r < 0)
return log_error_errno(r, "Failed to make archive: %m");
r = sym_archive_write_close(a);
if (r != ARCHIVE_OK)
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Unable to finish writing archive: %s", sym_archive_error_string(a));
if (arg_target) {
r = flink_tmpfile(f, tar, arg_target, LINK_TMPFILE_REPLACE);
if (r < 0)
return log_error_errno(r, "Failed to move archive file into place: %m");
}
return 0;
#else
assert_not_reached();
#endif
}
case ACTION_SHIFT:
r = path_patch_uid(root, arg_uid_base, 0x10000);
if (r < 0)
return log_error_errno(r, "Failed to shift UID base: %m");
return 0;
default:
assert_not_reached();
}
}
static int action_umount(const char *path) {
_cleanup_close_ int fd = -EBADF;
_cleanup_free_ char *canonical = NULL;
_cleanup_(loop_device_unrefp) LoopDevice *d = NULL;
_cleanup_(sd_device_unrefp) sd_device *dev = NULL;
int r;
fd = chase_and_open(path, NULL, 0, O_DIRECTORY, &canonical);
if (fd == -ENOTDIR)
return log_error_errno(SYNTHETIC_ERRNO(ENOTDIR), "'%s' is not a directory", path);
if (fd < 0)
return log_error_errno(fd, "Failed to resolve path '%s': %m", path);
r = is_mount_point_at(fd, NULL, 0);
if (r == 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "'%s' is not a mount point", canonical);
if (r < 0)
return log_error_errno(r, "Failed to determine whether '%s' is a mount point: %m", canonical);
r = block_device_new_from_fd(fd, BLOCK_DEVICE_LOOKUP_WHOLE_DISK | BLOCK_DEVICE_LOOKUP_BACKING, &dev);
if (r < 0) {
_cleanup_close_ int usr_fd = -EBADF;
/* The command `systemd-dissect --mount` expects that the image at least has the root or /usr
* partition. If it does not have the root partition, then we mount the /usr partition on a
* tmpfs. Hence, let's try to find the backing block device through the /usr partition. */
usr_fd = openat(fd, "usr", O_CLOEXEC | O_DIRECTORY | O_NOFOLLOW);
if (usr_fd < 0)
return log_error_errno(errno, "Failed to open '%s/usr': %m", canonical);
r = block_device_new_from_fd(usr_fd, BLOCK_DEVICE_LOOKUP_WHOLE_DISK | BLOCK_DEVICE_LOOKUP_BACKING, &dev);
}
if (r < 0)
return log_error_errno(r, "Failed to find backing block device for '%s': %m", canonical);
r = loop_device_open(dev, 0, LOCK_EX, &d);
if (r < 0)
return log_device_error_errno(dev, r, "Failed to open loopback block device: %m");
/* We've locked the loop device, now we're ready to unmount. To allow the unmount to succeed, we have
* to close the O_PATH fd we opened earlier. */
fd = safe_close(fd);
r = umount_recursive(canonical, 0);
if (r < 0)
return log_error_errno(r, "Failed to unmount '%s': %m", canonical);
/* We managed to lock and unmount successfully? That means we can try to remove the loop device. */
loop_device_unrelinquish(d);
if (arg_rmdir) {
r = RET_NERRNO(rmdir(canonical));
if (r < 0)
return log_error_errno(r, "Failed to remove mount directory '%s': %m", canonical);
}
return 0;
}
static int action_with(DissectedImage *m, LoopDevice *d) {
_cleanup_(umount_and_rmdir_and_freep) char *mounted_dir = NULL;
_cleanup_(rmdir_and_freep) char *created_dir = NULL;
_cleanup_free_ char *temp = NULL;
int r, rcode;
assert(m);
assert(arg_action == ACTION_WITH);
r = tempfn_random_child(NULL, program_invocation_short_name, &temp);
if (r < 0)
return log_error_errno(r, "Failed to generate temporary mount directory: %m");
r = mkdir_p(temp, 0700);
if (r < 0)
return log_error_errno(r, "Failed to create mount point: %m");
created_dir = TAKE_PTR(temp);
r = dissected_image_mount_and_warn(
m,
created_dir,
/* uid_shift= */ UID_INVALID,
/* uid_range= */ UID_INVALID,
/* userns_fd= */ -EBADF,
arg_flags);
if (r < 0)
return r;
mounted_dir = TAKE_PTR(created_dir);
r = dissected_image_relinquish(m);
if (r < 0)
return log_error_errno(r, "Failed to relinquish DM and loopback block devices: %m");
if (d) {
r = loop_device_flock(d, LOCK_UN);
if (r < 0)
return log_error_errno(r, "Failed to unlock loopback block device: %m");
}
rcode = safe_fork("(with)", FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_WAIT, NULL);
if (rcode == 0) {
/* Child */
if (chdir(mounted_dir) < 0) {
log_error_errno(errno, "Failed to change to '%s' directory: %m", mounted_dir);
_exit(EXIT_FAILURE);
}
if (setenv("SYSTEMD_DISSECT_ROOT", mounted_dir, /* overwrite= */ true) < 0) {
log_error_errno(errno, "Failed to set $SYSTEMD_DISSECT_ROOT: %m");
_exit(EXIT_FAILURE);
}
if (setenv("SYSTEMD_DISSECT_DEVICE", d->node, /* overwrite= */ true) < 0) {
log_error_errno(errno, "Failed to set $SYSTEMD_DISSECT_DEVICE: %m");
_exit(EXIT_FAILURE);
}
if (strv_isempty(arg_argv)) {
const char *sh;
sh = secure_getenv("SHELL");
if (sh) {
execvp(sh, STRV_MAKE(sh));
log_warning_errno(errno, "Failed to execute $SHELL, falling back to /bin/sh: %m");
}
execl("/bin/sh", "sh", NULL);
log_error_errno(errno, "Failed to invoke /bin/sh: %m");
} else {
execvp(arg_argv[0], arg_argv);
log_error_errno(errno, "Failed to execute '%s': %m", arg_argv[0]);
}
_exit(EXIT_FAILURE);
}
/* Let's manually detach everything, to make things synchronous */
if (d) {
r = loop_device_flock(d, LOCK_SH);
if (r < 0)
log_warning_errno(r, "Failed to lock loopback block device, ignoring: %m");
}
r = umount_recursive(mounted_dir, 0);
if (r < 0)
log_warning_errno(r, "Failed to unmount '%s', ignoring: %m", mounted_dir);
else if (d)
loop_device_unrelinquish(d); /* Let's try to destroy the loopback device */
created_dir = TAKE_PTR(mounted_dir);
if (rmdir(created_dir) < 0)
log_warning_errno(r, "Failed to remove directory '%s', ignoring: %m", created_dir);
temp = TAKE_PTR(created_dir);
return rcode;
}
static int action_discover(void) {
_cleanup_hashmap_free_ Hashmap *images = NULL;
_cleanup_(table_unrefp) Table *t = NULL;
Image *img;
int r;
images = hashmap_new(&image_hash_ops);
if (!images)
return log_oom();
for (ImageClass cl = 0; cl < _IMAGE_CLASS_MAX; cl++) {
r = image_discover(arg_runtime_scope, cl, NULL, images);
if (r < 0)
return log_error_errno(r, "Failed to discover images: %m");
}
if (hashmap_isempty(images) && !sd_json_format_enabled(arg_json_format_flags)) {
log_info("No images found.");
return 0;
}
t = table_new("name", "type", "class", "ro", "path", "time", "usage");
if (!t)
return log_oom();
table_set_align_percent(t, table_get_cell(t, 0, 6), 100);
table_set_ersatz_string(t, TABLE_ERSATZ_DASH);
HASHMAP_FOREACH(img, images) {
if (!arg_all && startswith(img->name, "."))
continue;
r = table_add_many(
t,
TABLE_STRING, img->name,
TABLE_SET_COLOR, startswith(img->name, ".") ? ANSI_GREY : NULL,
TABLE_STRING, image_type_to_string(img->type),
TABLE_STRING, image_class_to_string(img->class),
TABLE_BOOLEAN, img->read_only,
TABLE_SET_COLOR, !img->read_only ? ANSI_HIGHLIGHT_GREEN : ANSI_HIGHLIGHT_RED,
TABLE_PATH, img->path,
TABLE_TIMESTAMP, img->mtime != 0 ? img->mtime : img->crtime,
TABLE_SIZE, img->usage,
TABLE_SET_COLOR, img->usage <= 0 ? ANSI_HIGHLIGHT_RED : NULL);
if (r < 0)
return table_log_add_error(r);
}
(void) table_set_sort(t, (size_t) 0);
return table_print_with_pager(t, arg_json_format_flags, arg_pager_flags, arg_legend);
}
static int action_attach(DissectedImage *m, LoopDevice *d) {
int r;
assert(m);
assert(d);
r = loop_device_set_autoclear(d, false);
if (r < 0)
return log_error_errno(r, "Failed to disable auto-clear logic on loopback device: %m");
r = dissected_image_relinquish(m);
if (r < 0)
return log_error_errno(r, "Failed to relinquish DM and loopback block devices: %m");
puts(d->node);
return 0;
}
static int action_detach(const char *path) {
_cleanup_(loop_device_unrefp) LoopDevice *loop = NULL;
_cleanup_close_ int fd = -EBADF;
struct stat st;
int r;
assert(path);
fd = open(path, O_PATH|O_CLOEXEC);
if (fd < 0)
return log_error_errno(errno, "Failed to open '%s': %m", path);
if (fstat(fd, &st) < 0)
return log_error_errno(errno, "Failed to stat '%s': %m", path);
if (S_ISBLK(st.st_mode)) {
r = loop_device_open_from_fd(fd, O_RDONLY, LOCK_EX, &loop);
if (r < 0)
return log_error_errno(r, "Failed to open '%s' as loopback block device: %m", path);
} else if (S_ISREG(st.st_mode)) {
_cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;
/* If a regular file is specified, search for a loopback block device that is backed by it */
r = sd_device_enumerator_new(&e);
if (r < 0)
return log_error_errno(r, "Failed to allocate enumerator: %m");
r = sd_device_enumerator_add_match_subsystem(e, "block", true);
if (r < 0)
return log_error_errno(r, "Failed to match block devices: %m");
r = sd_device_enumerator_add_match_sysname(e, "loop*");
if (r < 0)
return log_error_errno(r, "Failed to match loopback block devices: %m");
(void) sd_device_enumerator_allow_uninitialized(e);
FOREACH_DEVICE(e, d) {
_cleanup_(loop_device_unrefp) LoopDevice *entry_loop = NULL;
if (!device_is_devtype(d, "disk")) /* Filter out partition block devices */
continue;
r = loop_device_open(d, O_RDONLY, LOCK_SH, &entry_loop);
if (r < 0) {
log_device_warning_errno(d, r, "Failed to open loopback block device, skipping: %m");
continue;
}
if (entry_loop->backing_devno == st.st_dev && entry_loop->backing_inode == st.st_ino) {
/* Found it! The kernel allows attaching a single file to multiple loopback
* devices. Let's destruct them in reverse order, i.e. find the last matching
* loopback device here, rather than the first. */
loop_device_unref(loop);
loop = TAKE_PTR(entry_loop);
}
}
if (!loop)
return log_error_errno(SYNTHETIC_ERRNO(ENXIO), "No loopback block device backed by '%s' found.", path);
r = loop_device_flock(loop, LOCK_EX);
if (r < 0)
return log_error_errno(r, "Failed to upgrade device lock: %m");
}
r = loop_device_set_autoclear(loop, true);
if (r < 0)
log_warning_errno(r, "Failed to enable autoclear logic on '%s', ignoring: %m", loop->node);
loop_device_unrelinquish(loop);
return 0;
}
static int action_validate(void) {
int r;
r = dissect_image_file_and_warn(
arg_image,
&arg_verity_settings,
NULL,
arg_image_policy,
arg_flags,
NULL);
if (r < 0)
return r;
if (isatty_safe(STDOUT_FILENO) && emoji_enabled())
printf("%s ", special_glyph(SPECIAL_GLYPH_SPARKLES));
printf("%sOK%s", ansi_highlight_green(), ansi_normal());
if (isatty_safe(STDOUT_FILENO) && emoji_enabled())
printf(" %s", special_glyph(SPECIAL_GLYPH_SPARKLES));
putc('\n', stdout);
return 0;
}
static int run(int argc, char *argv[]) {
_cleanup_(dissected_image_unrefp) DissectedImage *m = NULL;
_cleanup_(loop_device_unrefp) LoopDevice *d = NULL;
_cleanup_close_ int userns_fd = -EBADF;
int r;
log_setup();
if (invoked_as(argv, "mount.ddi"))
r = parse_argv_as_mount_helper(argc, argv);
else
r = parse_argv(argc, argv);
if (r <= 0)
return r;
if (arg_image) {
r = path_pick_update_warn(
&arg_image,
&pick_filter_image_raw,
PICK_ARCHITECTURE|PICK_TRIES,
/* ret_result= */ NULL);
if (r < 0)
return r;
}
if (arg_root) {
r = path_pick_update_warn(
&arg_root,
&pick_filter_image_dir,
PICK_ARCHITECTURE|PICK_TRIES,
/* ret_result= */ NULL);
if (r < 0)
return r;
}
switch (arg_action) {
case ACTION_UMOUNT:
return action_umount(arg_path);
case ACTION_DETACH:
return action_detach(arg_image);
case ACTION_DISCOVER:
return action_discover();
default:
/* All other actions need the image dissected (except for ACTION_VALIDATE, see below) */
break;
}
if (arg_image) {
r = verity_settings_load(
&arg_verity_settings,
arg_image, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to read verity artifacts for %s: %m", arg_image);
if (arg_verity_settings.data_path)
arg_flags |= DISSECT_IMAGE_NO_PARTITION_TABLE; /* We only support Verity per file system,
* hence if there's external Verity data
* available we turn off partition table
* support */
}
if (arg_action == ACTION_VALIDATE)
return action_validate();
if (arg_image) {
/* First try locally, if we are allowed to */
if (!arg_via_service) {
uint32_t loop_flags;
int open_flags;
open_flags = FLAGS_SET(arg_flags, DISSECT_IMAGE_DEVICE_READ_ONLY) ? O_RDONLY : O_RDWR;
loop_flags = FLAGS_SET(arg_flags, DISSECT_IMAGE_NO_PARTITION_TABLE) ? 0 : LO_FLAGS_PARTSCAN;
if (arg_in_memory)
r = loop_device_make_by_path_memory(arg_image, open_flags, /* sector_size= */ UINT32_MAX, loop_flags, LOCK_SH, &d);
else
r = loop_device_make_by_path(arg_image, open_flags, /* sector_size= */ UINT32_MAX, loop_flags, LOCK_SH, &d);
if (r < 0) {
if (!ERRNO_IS_PRIVILEGE(r) || !IN_SET(arg_action, ACTION_DISSECT, ACTION_LIST, ACTION_MTREE, ACTION_COPY_FROM, ACTION_COPY_TO, ACTION_SHIFT))
return log_error_errno(r, "Failed to set up loopback device for %s: %m", arg_image);
log_debug_errno(r, "Lacking permissions to set up loopback block device for %s, using service: %m", arg_image);
arg_via_service = true;
} else {
if (arg_loop_ref) {
r = loop_device_set_filename(d, arg_loop_ref);
if (r < 0)
log_warning_errno(r, "Failed to set loop reference string to '%s', ignoring: %m", arg_loop_ref);
}
r = dissect_loop_device_and_warn(
d,
&arg_verity_settings,
/* mount_options= */ NULL,
arg_image_policy,
arg_flags,
&m);
if (r < 0)
return r;
if (arg_action == ACTION_ATTACH)
return action_attach(m, d);
r = dissected_image_load_verity_sig_partition(
m,
d->fd,
&arg_verity_settings);
if (r < 0)
return log_error_errno(r, "Failed to load verity signature partition: %m");
if (arg_action != ACTION_DISSECT) {
r = dissected_image_decrypt_interactively(
m, NULL,
&arg_verity_settings,
arg_flags);
if (r < 0)
return r;
}
}
}
/* Try via service */
if (arg_via_service) {
if (arg_in_memory)
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "--in-memory= not supported when operating via systemd-mountfsd.");
if (arg_loop_ref)
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "--loop-ref= not supported when operating via systemd-mountfsd.");
if (verity_settings_set(&arg_verity_settings))
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Externally configured verity settings not supported when operating via systemd-mountfsd.");
/* Don't run things in private userns, if the mount shall be attached to the host */
if (!IN_SET(arg_action, ACTION_MOUNT, ACTION_WITH)) {
userns_fd = nsresource_allocate_userns(/* name= */ NULL, UINT64_C(0x10000)); /* allocate 64K users by default */
if (userns_fd < 0)
return log_error_errno(userns_fd, "Failed to allocate user namespace with 64K users: %m");
}
r = mountfsd_mount_image(
arg_image,
userns_fd,
arg_image_policy,
arg_flags,
&m);
if (r < 0)
return r;
}
}
switch (arg_action) {
case ACTION_DISSECT:
return action_dissect(m, d, userns_fd);
case ACTION_MOUNT:
return action_mount(m, d);
case ACTION_LIST:
case ACTION_MTREE:
case ACTION_COPY_FROM:
case ACTION_COPY_TO:
case ACTION_MAKE_ARCHIVE:
case ACTION_SHIFT:
return action_list_or_mtree_or_copy_or_make_archive(m, d, userns_fd);
case ACTION_WITH:
return action_with(m, d);
default:
assert_not_reached();
}
}
DEFINE_MAIN_FUNCTION(run);
Reference in New Issue View Git Blame Copy Permalink