core: add support for vpick for ExtensionDirectories=

2024-07-21 02:05:05 +00:00 · 2024-02-16 22:05:03 +00:00 · 2024-02-16 22:05:03 +00:00 · 622efc544d
parent 5e79dd96a8
commit 622efc544d
3 changed files with 31 additions and 5 deletions
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@ -588,6 +588,8 @@
        <para>Note that usage from user units requires overlayfs support in unprivileged user namespaces,
        which was first introduced in kernel v5.11.</para>

+        <xi:include href="vpick.xml" xpointer="directory"/>
+
        <xi:include href="system-or-user-ns.xml" xpointer="singular"/>

        <xi:include href="version-info.xml" xpointer="v251"/></listitem>
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@ -550,7 +550,8 @@ static int append_extensions(
         * Bind mount them in the same location as the ExtensionImages, so that we
         * can check that they are valid trees (extension-release.d). */
        STRV_FOREACH(extension_directory, extension_directories) {
-                _cleanup_free_ char *mount_point = NULL, *source = NULL;
+                _cleanup_(pick_result_done) PickResult result = PICK_RESULT_NULL;
+                _cleanup_free_ char *mount_point = NULL;
                const char *e = *extension_directory;
                bool ignore_enoent = false;

@ -567,9 +568,19 @@ static int append_extensions(
                if (startswith(e, "+"))
                        e++;

-                source = strdup(e);
-                if (!source)
-                        return -ENOMEM;
+                r = path_pick(/* toplevel_path= */ NULL,
+                              /* toplevel_fd= */ AT_FDCWD,
+                              e,
+                              &pick_filter_image_dir,
+                              PICK_ARCHITECTURE|PICK_TRIES,
+                              &result);
+                if (r < 0)
+                        return r;
+                if (!result.path)
+                        return log_debug_errno(
+                                        SYNTHETIC_ERRNO(ENOENT),
+                                        "No matching entry in .v/ directory %s found.",
+                                        e);

                for (size_t j = 0; hierarchies && hierarchies[j]; ++j) {
                        char *prefixed_hierarchy = path_join(mount_point, hierarchies[j]);
@ -587,7 +598,7 @@ static int append_extensions(

                *me = (MountEntry) {
                        .path_malloc = TAKE_PTR(mount_point),
-                        .source_malloc = TAKE_PTR(source),
+                        .source_malloc = TAKE_PTR(result.path),
                        .mode = MOUNT_EXTENSION_DIRECTORY,
                        .ignore = ignore_enoent,
                        .has_prefix = true,
--- a/test/units/testsuite-50.sh
+++ b/test/units/testsuite-50.sh
@ -479,6 +479,19 @@ RemainAfterExit=yes
 EOF
 systemctl start testservice-50f.service
 systemctl is-active testservice-50f.service
+
+# Check vpick support in ExtensionDirectories=
+VBASE="vtest$RANDOM"
+VDIR="/tmp/${VBASE}.v"
+mkdir "$VDIR"
+
+ln -s "${image_dir}/app0" "$VDIR/${VBASE}_0"
+ln -s "${image_dir}/app1" "$VDIR/${VBASE}_1"
+
+systemd-run -P --property ExtensionDirectories="$VDIR" cat /opt/script1.sh | grep -q -F "extension-release.app2"
+
+rm -rf "$VDIR"
+
 systemd-dissect --umount "${image_dir}/app0"
 systemd-dissect --umount "${image_dir}/app1"