Diffstat (limited to 'src/debug-generator')
-rw-r--r-- | src/debug-generator/debug-generator.c | 182 |
1 files changed, 144 insertions, 38 deletions
diff --git a/src/debug-generator/debug-generator.c b/src/debug-generator/debug-generator.c index 8a474c5..7637980 100644 --- a/src/debug-generator/debug-generator.c +++ b/src/debug-generator/debug-generator.c @@ -3,13 +3,17 @@ #include <unistd.h> #include "alloc-util.h" +#include "creds-util.h" #include "dropin.h" +#include "errno-util.h" +#include "fd-util.h" +#include "fileio-label.h" #include "generator.h" #include "initrd-util.h" -#include "mkdir-label.h" #include "parse-util.h" #include "path-util.h" #include "proc-cmdline.h" +#include "recurse-dir.h" #include "special.h" #include "string-util.h" #include "strv.h" @@ -20,12 +24,15 @@ static const char *arg_dest = NULL; static char *arg_default_unit = NULL; static char **arg_mask = NULL; static char **arg_wants = NULL; -static char *arg_debug_shell = NULL; +static bool arg_debug_shell = false; +static char *arg_debug_tty = NULL; +static char *arg_default_debug_tty = NULL; STATIC_DESTRUCTOR_REGISTER(arg_default_unit, freep); STATIC_DESTRUCTOR_REGISTER(arg_mask, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_wants, strv_freep); -STATIC_DESTRUCTOR_REGISTER(arg_debug_shell, freep); +STATIC_DESTRUCTOR_REGISTER(arg_debug_tty, freep); +STATIC_DESTRUCTOR_REGISTER(arg_default_debug_tty, freep); static int parse_proc_cmdline_item(const char *key, const char *value, void *data) { int r; @@ -42,8 +49,7 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat if (r < 0) return log_error_errno(r, "Failed to glob unit name: %m"); - r = strv_consume(&arg_mask, n); - if (r < 0) + if (strv_consume(&arg_mask, n) < 0) return log_oom(); } else if (streq(key, "systemd.wants")) { 
@@ -56,20 +62,24 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat if (r < 0) return log_error_errno(r, "Failed to glob unit name: %m"); - r = strv_consume(&arg_wants, n); - if (r < 0) + if (strv_consume(&arg_wants, n) < 0) return log_oom(); } else if (proc_cmdline_key_streq(key, "systemd.debug_shell")) { - const char *t = NULL; r = value ? parse_boolean(value) : 1; - if (r < 0) - t = skip_dev_prefix(value); - else if (r > 0) - t = skip_dev_prefix(DEBUGTTY); + arg_debug_shell = r != 0; + if (r >= 0) + return 0; + + return free_and_strdup_warn(&arg_debug_tty, skip_dev_prefix(value)); + + } else if (proc_cmdline_key_streq(key, "systemd.default_debug_tty")) { - return free_and_strdup_warn(&arg_debug_shell, t); + if (proc_cmdline_value_missing(key, value)) + return 0; + + return free_and_strdup_warn(&arg_default_debug_tty, skip_dev_prefix(value)); } else if (streq(key, "systemd.unit")) { @@ -95,14 +105,12 @@ static int generate_mask_symlinks(void) { STRV_FOREACH(u, arg_mask) { _cleanup_free_ char *p = NULL; - p = path_join(empty_to_root(arg_dest), *u); + p = path_join(arg_dest, *u); if (!p) return log_oom(); if (symlink("/dev/null", p) < 0) - r = log_error_errno(errno, - "Failed to create mask symlink %s: %m", - p); + RET_GATHER(r, log_error_errno(errno, "Failed to create mask symlink '%s': %m", p)); } return r; 
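Review bot: The non-boolean branch of `systemd.debug_shell=` and the new `systemd.default_debug_tty=` branch both store `skip_dev_prefix(value)` without validating it, and `install_debug_shell_dropin()` later formats that string verbatim into `Description=` and `TTYPath=/dev/%s`. An empty value, a value with `..` components, or one containing `%` (which unit-file parsing may treat as a specifier) would land in the generated drop-in unchanged. The kernel command line is normally trusted, but a cheap check before the strdup keeps the drop-in well formed, for example `if (isempty(t) || !path_is_safe(t)) return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid debug TTY '%s', ignoring.", value), 0;` with `t` holding the stripped name. `parse_proc_cmdline_item()` starts and ends outside this hunk.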
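Review bot: `symlink("/dev/null", p)` in `generate_mask_symlinks()` fails with EEXIST when something already exists at `p`, and after this commit `run()` calls `process_unit_credentials()` before the mask pass, writing into the same `arg_dest`. A unit delivered as a `systemd.extra-unit.*` credential therefore appears to survive a `systemd.mask=` request for the same name, with only an error logged. If masking is meant to win, run the mask pass first and have the credential writer skip masked names, or replace the existing file; otherwise state the precedence in a comment such as `/* Units written from credentials take precedence over systemd.mask=. */`.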
@@ -127,33 +135,126 @@ static int generate_wants_symlinks(void) { if (!f) return log_oom(); - r = generator_add_symlink(arg_dest, target, "wants", f); - if (r < 0) - return r; + RET_GATHER(r, generator_add_symlink(arg_dest, target, "wants", f)); } return r; } -static void install_debug_shell_dropin(const char *dir) { +static int install_debug_shell_dropin(void) { + const char *tty = arg_debug_tty ?: arg_default_debug_tty; + int r; + + if (!tty || path_equal(tty, skip_dev_prefix(DEBUGTTY))) + return 0; + + r = write_drop_in_format(arg_dest, "debug-shell.service", 50, "tty", + "# Automatically generated by systemd-debug-generator\n\n" + "[Unit]\n" + "Description=Early root shell on /dev/%s FOR DEBUGGING ONLY\n" + "ConditionPathExists=\n" + "\n[Service]\n" + "TTYPath=/dev/%s\n", + tty, tty); + if (r < 0) + return log_warning_errno(r, "Failed to write drop-in for debug-shell.service: %m"); + + return 1; +} + +static int process_unit_credentials(const char *credentials_dir) { + _cleanup_free_ DirectoryEntries *des = NULL; int r; - if (streq(arg_debug_shell, skip_dev_prefix(DEBUGTTY))) - return; + assert(credentials_dir); - r = write_drop_in_format(dir, "debug-shell.service", 50, "tty", - "[Unit]\n" - "Description=Early root shell on /dev/%s FOR DEBUGGING ONLY\n" - "ConditionPathExists=\n" - "[Service]\n" - "TTYPath=/dev/%s", - arg_debug_shell, arg_debug_shell); + r = readdir_all_at(AT_FDCWD, credentials_dir, RECURSE_DIR_SORT|RECURSE_DIR_IGNORE_DOT|RECURSE_DIR_ENSURE_TYPE, &des); if (r < 0) - log_warning_errno(r, "Failed to write drop-in for debug-shell.service, ignoring: %m"); + return log_error_errno(r, "Failed to enumerate credentials from credentials directory '%s': %m", credentials_dir); + + FOREACH_ARRAY(i, des->entries, des->n_entries) { + struct dirent *de = *i; + const char *unit, *dropin; + + if (de->d_type != DT_REG) + continue; + + unit = startswith(de->d_name, "systemd.extra-unit."); + dropin = startswith(de->d_name, "systemd.unit-dropin."); + + if (!unit && 
!dropin) + continue; + + _cleanup_free_ char *d = NULL; + + r = read_credential_with_decryption(de->d_name, (void**) &d, NULL); + if (r < 0) { + log_warning_errno(r, "Failed to read credential '%s', ignoring: %m", de->d_name); + continue; + } + + if (unit) { + _cleanup_free_ char *p = NULL; + + if (!unit_name_is_valid(unit, UNIT_NAME_ANY)) { + log_warning("Invalid unit name '%s' in credential '%s', ignoring.", + unit, de->d_name); + continue; + } + + p = path_join(arg_dest, unit); + if (!p) + return log_oom(); + + r = write_string_file_atomic_label(p, d); + if (r < 0) { + log_warning_errno(r, "Failed to write unit file '%s' from credential '%s', ignoring: %m", + unit, de->d_name); + continue; + } + + log_debug("Wrote unit file '%s' from credential '%s'", unit, de->d_name); + + } else if (dropin) { + _cleanup_free_ char *dropin_unit = NULL; + const char *tilde, *dropin_name; + + tilde = strchrnul(dropin, '~'); + dropin_unit = strndup(dropin, tilde - dropin); + if (!dropin_unit) + return log_oom(); + + if (!unit_name_is_valid(dropin_unit, UNIT_NAME_ANY)) { + log_warning("Invalid unit name '%s' in credential '%s', ignoring.", + dropin_unit, de->d_name); + continue; + } + + dropin_name = isempty(tilde) ? "50-credential" : tilde + 1; + if (isempty(dropin_name)) { + log_warning("Empty drop-in name for unit '%s' in credential '%s', ignoring.", + dropin_unit, de->d_name); + continue; + } + + r = write_drop_in(arg_dest, dropin_unit, /* level = */ UINT_MAX, dropin_name, d); + if (r < 0) { + log_warning_errno(r, "Failed to write drop-in '%s' for unit '%s' from credential '%s', ignoring: %m", + dropin_name, dropin_unit, de->d_name); + continue; + } + + log_debug("Wrote drop-in '%s' for unit '%s' from credential '%s'", dropin_name, dropin_unit, de->d_name); + } else + assert_not_reached(); + } + + return 0; } static int run(const char *dest, const char *dest_early, const char *dest_late) { - int r, q; + const char *credentials_dir; + int r; assert_se(arg_dest = dest_early); 
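Review bot: `process_unit_credentials()` enumerates `credentials_dir` but loads each entry with `read_credential_with_decryption(de->d_name, ...)`, which receives only the name, so the content written need not come from the directory that was just listed. `run()` calls this once for the plain and once for the encrypted directory, so a name present in both is presumably handled twice from whichever source the helper prefers; the helper's lookup order is not visible here and should be confirmed. Either read relative to the enumerated directory or document the precedence. The function also needs a header comment stating its trust boundary, for example `/* Installs units and drop-ins from system credentials named systemd.extra-unit.* and systemd.unit-dropin.*; anyone able to set system credentials can add units to the early generator directory. */`.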
@@ -162,17 +263,22 @@ static int run(const char *dest, const char *dest_early, const char *dest_late) log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m"); if (arg_debug_shell) { - r = strv_extend(&arg_wants, "debug-shell.service"); - if (r < 0) + if (strv_extend(&arg_wants, "debug-shell.service") < 0) return log_oom(); - install_debug_shell_dropin(arg_dest); + RET_GATHER(r, install_debug_shell_dropin()); } - r = generate_mask_symlinks(); - q = generate_wants_symlinks(); + if (get_credentials_dir(&credentials_dir) >= 0) + RET_GATHER(r, process_unit_credentials(credentials_dir)); - return r < 0 ? r : q; + if (get_encrypted_credentials_dir(&credentials_dir) >= 0) + RET_GATHER(r, process_unit_credentials(credentials_dir)); + + RET_GATHER(r, generate_mask_symlinks()); + RET_GATHER(r, generate_wants_symlinks()); + + return r; } DEFINE_MAIN_GENERATOR_FUNCTION(run); |
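Review bot: `r` is not reset before the first `RET_GATHER(r, ...)` in `run()`, so a negative result from the kernel command line parse, which the warning just above calls "ignoring", is no longer ignored. Assuming `RET_GATHER` keeps the first error, that value now becomes the generator's return code, whereas the old code overwrote `r` with the result of `generate_mask_symlinks()`. The assignment to `r` sits above the hunk, so this is inferred from the warning line. If it holds, add `r = 0;` right after the warning, or gather the later results into a separate variable.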