From fc53809803cd2bc2434e312b19a18fa36776da12 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 12 Jun 2024 05:50:40 +0200 Subject: Adding upstream version 256. Signed-off-by: Daniel Baumann --- src/shared/machine-id-setup.c | 61 ++++++++++++++++++++++++++++++------------- 1 file changed, 43 insertions(+), 18 deletions(-) (limited to 'src/shared/machine-id-setup.c') diff --git a/src/shared/machine-id-setup.c b/src/shared/machine-id-setup.c index 3efba03..1a63794 100644 --- a/src/shared/machine-id-setup.c +++ b/src/shared/machine-id-setup.c @@ -5,6 +5,7 @@ #include #include +#include "sd-daemon.h" #include "sd-id128.h" #include "alloc-util.h" @@ -12,6 +13,7 @@ #include "creds-util.h" #include "fd-util.h" #include "id128-util.h" +#include "initrd-util.h" #include "io-util.h" #include "log.h" #include "machine-id-setup.h" @@ -46,13 +48,22 @@ static int acquire_machine_id_from_credential(sd_id128_t *ret) { return 0; } -static int generate_machine_id(const char *root, sd_id128_t *ret) { +static int acquire_machine_id(const char *root, sd_id128_t *ret) { _cleanup_close_ int fd = -EBADF; int r; assert(ret); - /* First, try reading the D-Bus machine id, unless it is a symlink */ + /* First, try reading the machine ID from /run/machine-id, which may not be mounted on + * /etc/machine-id yet. This is important on switching root especially on soft-reboot, Otherwise, + * machine ID may be changed after the transition. */ + if (isempty(root) && running_in_chroot() <= 0 && + id128_read("/run/machine-id", ID128_FORMAT_PLAIN, ret) >= 0) { + log_info("Reusing machine ID stored in /run/machine-id."); + return 1; /* Indicate that the machine ID is reused. */ + } + + /* Then, try reading the D-Bus machine id, unless it is a symlink */ fd = chase_and_open("/var/lib/dbus/machine-id", root, CHASE_PREFIX_ROOT | CHASE_NOFOLLOW, O_RDONLY|O_CLOEXEC|O_NOCTTY, NULL); if (fd >= 0 && id128_read_fd(fd, ID128_FORMAT_PLAIN | ID128_REFUSE_NULL, ret) >= 0) { log_info("Initializing machine ID from D-Bus machine ID."); @@ -61,9 +72,8 @@ static int generate_machine_id(const char *root, sd_id128_t *ret) { if (isempty(root) && running_in_chroot() <= 0) { /* Let's use a system credential for the machine ID if we can */ - r = acquire_machine_id_from_credential(ret); - if (r >= 0) - return r; + if (acquire_machine_id_from_credential(ret) >= 0) + return 0; /* If that didn't work, see if we are running in a container, * and a machine ID was passed in via $container_uuid the way @@ -103,7 +113,7 @@ static int generate_machine_id(const char *root, sd_id128_t *ret) { int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_id, sd_id128_t *ret) { const char *etc_machine_id, *run_machine_id; _cleanup_close_ int fd = -EBADF; - bool writable; + bool writable, write_run_machine_id = true; int r; etc_machine_id = prefix_roota(root, "/etc/machine-id"); @@ -141,13 +151,14 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_ if (sd_id128_is_null(machine_id)) { /* Try to read any existing machine ID */ - if (id128_read_fd(fd, ID128_FORMAT_PLAIN, ret) >= 0) - return 0; + if (id128_read_fd(fd, ID128_FORMAT_PLAIN, &machine_id) >= 0) + goto finish; - /* Hmm, so, the id currently stored is not useful, then let's generate one */ - r = generate_machine_id(root, &machine_id); + /* Hmm, so, the id currently stored is not useful, then let's acquire one. */ + r = acquire_machine_id(root, &machine_id); if (r < 0) return r; + write_run_machine_id = !r; } if (writable) { @@ -185,11 +196,13 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_ run_machine_id = prefix_roota(root, "/run/machine-id"); - WITH_UMASK(0022) - r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id); - if (r < 0) { - (void) unlink(run_machine_id); - return log_error_errno(r, "Cannot write %s: %m", run_machine_id); + if (write_run_machine_id) { + WITH_UMASK(0022) + r = id128_write(run_machine_id, ID128_FORMAT_PLAIN, machine_id); + if (r < 0) { + (void) unlink(run_machine_id); + return log_error_errno(r, "Cannot write %s: %m", run_machine_id); + } } /* And now, let's mount it over */ @@ -207,6 +220,9 @@ int machine_id_setup(const char *root, bool force_transient, sd_id128_t machine_ return r; finish: + if (!in_initrd()) + (void) sd_notifyf(/* unset_environment= */ false, "X_SYSTEMD_MACHINE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(machine_id)); + if (ret) *ret = machine_id; @@ -237,7 +253,7 @@ int machine_id_commit(const char *root) { etc_machine_id = prefix_roota(root, "/etc/machine-id"); - r = path_is_mount_point(etc_machine_id, NULL, 0); + r = path_is_mount_point(etc_machine_id); if (r < 0) return log_error_errno(r, "Failed to determine whether %s is a mount point: %m", etc_machine_id); if (r == 0) { @@ -265,7 +281,12 @@ int machine_id_commit(const char *root) { fd = safe_close(fd); /* Store current mount namespace */ - r = namespace_open(0, NULL, &initial_mntns_fd, NULL, NULL, NULL); + r = namespace_open(0, + /* ret_pidns_fd = */ NULL, + &initial_mntns_fd, + /* ret_netns_fd = */ NULL, + /* ret_userns_fd = */ NULL, + /* ret_root_fd = */ NULL); if (r < 0) return log_error_errno(r, "Can't fetch current mount namespace: %m"); @@ -284,7 +305,11 @@ int machine_id_commit(const char *root) { return log_error_errno(r, "Cannot write %s. This is mandatory to get a persistent machine ID: %m", etc_machine_id); /* Return to initial namespace and proceed a lazy tmpfs unmount */ - r = namespace_enter(-1, initial_mntns_fd, -1, -1, -1); + r = namespace_enter(/* pidns_fd = */ -EBADF, + initial_mntns_fd, + /* netns_fd = */ -EBADF, + /* userns_fd = */ -EBADF, + /* root_fd = */ -EBADF); if (r < 0) return log_warning_errno(r, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot.", etc_machine_id); -- cgit v1.2.3