From 74e125207283c029b373f9a9b8c0ed32921dc97b Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 1 Oct 2020 10:42:10 +0200 Subject: [PATCH 1/2] execute: add helper for checking if root_directory/root_image are set in ExecContext --- src/core/execute.c | 6 +++--- src/core/execute.h | 9 +++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/src/core/execute.c b/src/core/execute.c index 92da22081b2..b8667477198 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2983,7 +2983,7 @@ static int compile_bind_mounts( continue; if (exec_directory_is_private(context, t) && - !(context->root_directory || context->root_image)) { + !exec_context_with_rootfs(context)) { char *private_root; /* So this is for a dynamic user, and we need to make sure the process can access its own @@ -3014,7 +3014,7 @@ static int compile_bind_mounts( } if (exec_directory_is_private(context, t) && - (context->root_directory || context->root_image)) + exec_context_with_rootfs(context)) /* When RootDirectory= or RootImage= are set, then the symbolic link to the private * directory is not created on the root directory. So, let's bind-mount the directory * on the 'non-private' place. */ @@ -5658,7 +5658,7 @@ bool exec_context_get_effective_mount_apivfs(const ExecContext *c) { return c->mount_apivfs; /* Default to "yes" if root directory or image are specified */ - if (c->root_image || !empty_or_root(c->root_directory)) + if (exec_context_with_rootfs(c)) return true; return false; diff --git a/src/core/execute.h b/src/core/execute.h index c21154bda26..c4345005c1f 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -23,6 +23,7 @@ typedef struct Manager Manager; #include "namespace.h" #include "nsflags.h" #include "numa-util.h" +#include "path-util.h" #include "time-util.h" #define EXEC_STDIN_DATA_MAX (64U*1024U*1024U) 
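Review bot: The swap to `!exec_context_with_rootfs(context)` in compile_bind_mounts is not behaviour-neutral: the removed test `context->root_directory || context->root_image` counted any non-NULL RootDirectory=, whereas the helper goes through `empty_or_root()` and so treats `RootDirectory=/` as no separate root at all. For a private exec directory on a unit with `RootDirectory=/`, the code now takes the symlink branch in this hunk and skips the bind-mount branch in the second hunk, where previously the reverse held. That is most likely the intended normalisation (a chroot to `/` is a no-op), but the commit subject describes only a helper addition, so either say so in the message or add a comment at the first call site such as `/* RootDirectory=/ is a no-op chroot and does not count as a separate root here */`. compile_bind_mounts begins and ends outside this hunk.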
@@ -325,6 +326,14 @@ static inline bool exec_context_restrict_namespaces_set(const ExecContext *c) { return (c->restrict_namespaces & NAMESPACE_FLAGS_ALL) != NAMESPACE_FLAGS_ALL; } +static inline bool exec_context_with_rootfs(const ExecContext *c) { + assert(c); + + /* Checks if RootDirectory= or RootImage= are used */ + + return !empty_or_root(c->root_directory) || c->root_image; +} + typedef enum ExecFlags { EXEC_APPLY_SANDBOXING = 1 << 0, EXEC_APPLY_CHROOT = 1 << 1, From 14eb3285ab5b22064b34255fda17599656f05308 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 1 Oct 2020 10:53:56 +0200 Subject: [PATCH 2/2] execute: use empty_to_root() a bit more --- coccinelle/empty-to-root.cocci | 5 +++++ src/core/execute.c | 10 ++++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/coccinelle/empty-to-root.cocci b/coccinelle/empty-to-root.cocci index 45627c98019..3720497bef9 100644 --- a/coccinelle/empty-to-root.cocci +++ b/coccinelle/empty-to-root.cocci @@ -9,3 +9,8 @@ expression s; @@ - (empty_or_root(s) ? "/" : s) + empty_to_root(s) +@@ +expression s; +@@ +- (s ? s : "/") ++ empty_to_root(s) diff --git a/src/core/execute.c b/src/core/execute.c index b8667477198..5264b8f0919 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -3245,10 +3245,8 @@ static int apply_working_directory( wd = home; - } else if (context->working_directory) - wd = context->working_directory; - else - wd = "/"; + } else + wd = empty_to_root(context->working_directory); if (params->flags & EXEC_APPLY_CHROOT) d = wd; 
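Review bot: The comment on the new exec_context_with_rootfs() says only that it checks whether RootDirectory= or RootImage= are used, but the `!empty_or_root()` call makes `RootDirectory=/` (and an empty string) count as no root, which is exactly the case that differs from the raw `context->root_directory` tests the first patch replaces, and callers deciding whether chroot or bind-mount setup is needed should be able to read that off the helper. I would extend the comment to `/* Checks if RootDirectory= or RootImage= are used. A RootDirectory= of "/" (or an empty one) is treated as no root, since chrooting to "/" is a no-op. */`. The implicit pointer-to-bool conversion of `c->root_image` in the return expression follows the project's usual style, but `c->root_image != NULL` would make the bool result explicit for readers of the header.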
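Review bot: The new rule rewriting `(s ? s : "/")` into `empty_to_root(s)` is wider than the rule above it: the ternary it matches only substitutes "/" for a NULL `s`, while `empty_to_root()` — judging by the first rule, which maps `empty_or_root(s) ? "/" : s` onto it — also turns an empty string (and "/") into "/". For NULL and "/" the two forms agree, but an empty string is used or printed as "/" after the rewrite, so every site this rule is applied to must tolerate that; the execute.c sites in this patch presumably do, since they carry user-facing path settings, but a tree-wide semantic patch will also hit sites where "" is a meaningful value. Worth a one-line comment above the rule, e.g. `// note: unlike the ternary it replaces, this also maps "" to "/"`.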
@@ -5171,8 +5169,8 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
 "%sProtectProc: %s\n"
 "%sProcSubset: %s\n",
 prefix, c->umask,
- prefix, c->working_directory ? c->working_directory : "/",
- prefix, c->root_directory ? c->root_directory : "/",
+ prefix, empty_to_root(c->working_directory),
+ prefix, empty_to_root(c->root_directory),
 prefix, yes_no(c->non_blocking),
 prefix, yes_no(c->private_tmp),
 prefix, yes_no(c->private_devices),