Merge pull request #30172 from yuwata/analyze-verify-unit-path

analyze: do not prepend CWD to SYSTEMD_UNIT_PATH needlessly
2024-09-06 00:41:36 +00:00 · 2023-11-24 10:35:28 +00:00 · 2023-11-24 10:35:28 +00:00 · 36f4476361
parent c7896cecea 2f6181ad4d
commit 36f4476361
4 changed files with 24 additions and 42 deletions
--- a/src/analyze/analyze-condition.c
+++ b/src/analyze/analyze-condition.c
@ -78,18 +78,9 @@ static int verify_conditions(char **lines, RuntimeScope scope, const char *unit,
        int r, q = 1;

        if (unit) {
-                _cleanup_strv_free_ char **filenames = NULL;
-                _cleanup_free_ char *var = NULL;
-
-                filenames = strv_new(unit);
-                if (!filenames)
-                        return log_oom();
-
-                r = verify_generate_path(&var, filenames);
+                r = verify_set_unit_path(STRV_MAKE(unit));
                if (r < 0)
-                        return log_error_errno(r, "Failed to generate unit load path: %m");
-
-                assert_se(set_unit_path(var) >= 0);
+                        return log_error_errno(r, "Failed to set unit load path: %m");
        }

        r = manager_new(scope, MANAGER_TEST_RUN_MINIMAL|MANAGER_TEST_DONT_OPEN_EXECUTOR, &m);
--- a/src/analyze/analyze-security.c
+++ b/src/analyze/analyze-security.c
@ -2695,19 +2695,15 @@ static int offline_security_checks(

        _cleanup_(manager_freep) Manager *m = NULL;
        Unit *units[strv_length(filenames)];
-        _cleanup_free_ char *var = NULL;
        int r, k;
        size_t count = 0;

        if (strv_isempty(filenames))
                return 0;

-        /* set the path */
-        r = verify_generate_path(&var, filenames);
+        r = verify_set_unit_path(filenames);
        if (r < 0)
-                return log_error_errno(r, "Failed to generate unit load path: %m");
-
-        assert_se(set_unit_path(var) >= 0);
+                return log_error_errno(r, "Failed to set unit load path: %m");

        r = manager_new(scope, flags, &m);
        if (r < 0)
--- a/src/analyze/analyze-verify-util.c
+++ b/src/analyze/analyze-verify-util.c
@ -72,7 +72,7 @@ int verify_prepare_filename(const char *filename, char **ret) {
        return 0;
 }

-int verify_generate_path(char **ret, char **filenames) {
+int verify_set_unit_path(char **filenames) {
        _cleanup_strv_free_ char **ans = NULL;
        _cleanup_free_ char *joined = NULL;
        const char *old;
@ -86,6 +86,9 @@ int verify_generate_path(char **ret, char **filenames) {
                if (r < 0)
                        return r;

+                if (access(a, F_OK) < 0)
+                        continue;
+
                r = path_extract_directory(a, &t);
                if (r < 0)
                        return r;
@ -95,27 +98,22 @@ int verify_generate_path(char **ret, char **filenames) {
                        return r;
        }

-        strv_uniq(ans);
-
-        /* First, prepend our directories. Second, if some path was specified, use that, and
-         * otherwise use the defaults. Any duplicates will be filtered out in path-lookup.c.
-         * Treat explicit empty path to mean that nothing should be appended.
-         */
-        old = getenv("SYSTEMD_UNIT_PATH");
-        if (!streq_ptr(old, "")) {
-                if (!old)
-                        old = ":";
-
-                r = strv_extend(&ans, old);
-                if (r < 0)
-                        return r;
-        }
-
-        joined = strv_join(ans, ":");
+        joined = strv_join(strv_uniq(ans), ":");
        if (!joined)
                return -ENOMEM;

-        *ret = TAKE_PTR(joined);
+        if (isempty(joined))
+                return 0;
+
+        /* First, prepend our directories. Second, if some path was specified, use that, and
+         * otherwise use the defaults. Any duplicates will be filtered out in path-lookup.c.
+         * Treat explicit empty path to mean that nothing should be appended. */
+        old = getenv("SYSTEMD_UNIT_PATH");
+        if (!streq_ptr(old, "") &&
+            !strextend_with_separator(&joined, ":", old ?: ""))
+                return -ENOMEM;
+
+        assert_se(set_unit_path(joined) >= 0);
        return 0;
 }

@ -250,7 +248,6 @@ int verify_units(
        _cleanup_(set_destroy_ignore_pointer_max) Set *s = NULL;
        _unused_ _cleanup_(clear_log_syntax_callback) dummy_t dummy;
        Unit *units[strv_length(filenames)];
-        _cleanup_free_ char *var = NULL;
        int r, k, count = 0;

        if (strv_isempty(filenames))
@ -262,11 +259,9 @@ int verify_units(
        set_log_syntax_callback(log_syntax_callback, &s);

        /* set the path */
-        r = verify_generate_path(&var, filenames);
+        r = verify_set_unit_path(filenames);
        if (r < 0)
-                return log_error_errno(r, "Failed to generate unit load path: %m");
-
-        assert_se(set_unit_path(var) >= 0);
+                return log_error_errno(r, "Failed to set unit load path: %m");

        r = manager_new(scope, flags, &m);
        if (r < 0)
--- a/src/analyze/analyze-verify-util.h
+++ b/src/analyze/analyze-verify-util.h
@ -14,7 +14,7 @@ typedef enum RecursiveErrors {
        _RECURSIVE_ERRORS_INVALID = -EINVAL,
 } RecursiveErrors;

-int verify_generate_path(char **var, char **filenames);
+int verify_set_unit_path(char **filenames);
 int verify_prepare_filename(const char *filename, char **ret);
 int verify_executable(Unit *u, const ExecCommand *exec, const char *root);
 int verify_units(char **filenames, RuntimeScope scope, bool check_man, bool run_generators, RecursiveErrors recursive_errors, const char *root);