From 777b87e702197ad1f2d0f2a3aea5271d18062c5c Mon Sep 17 00:00:00 2001
From: Michal Schmidt
Date: Fri, 16 Dec 2011 18:27:35 +0100
Subject: [PATCH] tmpfiles: add 'z', like 'Z' but not recursive
---
 man/systemd-tmpfiles.xml | 4 ++--
 man/tmpfiles.d.xml | 14 ++++++++++++--
 src/tmpfiles.c | 34 ++++++++++++++++++++++++----------
 3 files changed, 38 insertions(+), 14 deletions(-)
diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml
index 74dfd5ac..bbb80b2f 100644
--- a/man/systemd-tmpfiles.xml
+++ b/man/systemd-tmpfiles.xml
@@ -84,8 +84,8 @@ If this option is passed all files and directories marked with f, F, d, D in the configuration files are - created. Files and directories marked with Z - have their ownership, access mode and security + created. Files and directories marked with z, + Z have their ownership, access mode and security labels set.
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index e1379676..4a8e8316 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -156,6 +156,16 @@ d /run/user 0755 root root 10d names. + + z + Set ownership, access + mode and relabel security context of + a file or directory if it exists. + Lines of this type accept shell-style + globs in place of normal path names. + + + Z Recursively set
@@ -175,7 +185,7 @@ d /run/user 0755 root root 10d The file access mode to use when creating this file or directory. If omitted or when set to - the default is used: 0755 for - directories, 0644 for files. For Z lines + directories, 0644 for files. For z, Z lines if omitted or when set to - the file access mode will not be modified. This parameter is ignored for x, r, R lines.
@@ -188,7 +198,7 @@ d /run/user 0755 root root 10d or directory. This may either be a numeric user/group ID or a user or group name. If omitted or when set to - the default 0 (root) - is used. For Z lines when omitted or when set to - + is used. For z, Z lines when omitted or when set to - the file ownership will not be modified. These parameters are ignored for x, r, R lines.
diff --git a/src/tmpfiles.c b/src/tmpfiles.c
index 13950824..19a7c08c 100644
--- a/src/tmpfiles.c
+++ b/src/tmpfiles.c
@@ -62,6 +62,7 @@ typedef enum ItemType {
 IGNORE_PATH = 'x',
 REMOVE_PATH = 'r',
 RECURSIVE_REMOVE_PATH = 'R',
+ RELABEL_PATH = 'z',
 RECURSIVE_RELABEL_PATH = 'Z'
 } ItemType;
@@ -92,7 +93,7 @@ static const char *arg_prefix = NULL;
 #define MAX_DEPTH 256
 static bool needs_glob(ItemType t) {
- return t == IGNORE_PATH || t == REMOVE_PATH || t == RECURSIVE_REMOVE_PATH || t == RECURSIVE_RELABEL_PATH;
+ return t == IGNORE_PATH || t == REMOVE_PATH || t == RECURSIVE_REMOVE_PATH || t == RELABEL_PATH || t == RECURSIVE_RELABEL_PATH;
 }
 static struct Item* find_glob(Hashmap *h, const char *match) {
@@ -646,6 +647,13 @@ static int create_item(Item *i) {
 break;
+ case RELABEL_PATH:
+
+ r = glob_item(i, item_set_perms);
+ if (r < 0)
+ return 0;
+ break;
+
 case RECURSIVE_RELABEL_PATH:
 r = glob_item(i, recursive_relabel);
@@ -670,6 +678,7 @@ static int remove_item_instance(Item *i, const char *instance) {
 case CREATE_DIRECTORY:
 case CREATE_FIFO:
 case IGNORE_PATH:
+ case RELABEL_PATH:
 case RECURSIVE_RELABEL_PATH:
 break;
@@ -707,6 +716,7 @@ static int remove_item(Item *i) {
 case CREATE_DIRECTORY:
 case CREATE_FIFO:
 case IGNORE_PATH:
+ case RELABEL_PATH:
 case RECURSIVE_RELABEL_PATH:
 break;
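Review bot: With RELABEL_PATH added to needs_glob(), a 'z' line is glob-expanded and every match has its owner, mode and security label rewritten, yet nothing in this change says how a match that is a symbolic link is treated. item_set_perms is not shown in the patch; if it changes the path by name, the change would presumably land on the link's target, which matters when the pattern covers a directory that unprivileged users can write to. A comment above needs_glob() or on the new case in create_item() should state the expectation, for example `/* 'z' acts on each glob match by path; do not aim it at user-writable directories unless item_set_perms refuses symlinks */`, and the man page entry for z could carry the same caveat. needs_glob() is fully visible in the hunk; its callers are not.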
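Review bot: In the new RELABEL_PATH case of create_item(), a failure from `glob_item(i, item_set_perms)` ends in `return 0;`, so a 'z' line whose ownership, mode or label could not be applied is reported to the caller as success. That hides the case where a file keeps a looser mode or a different security label than the configuration asked for. Unless best effort is intended, `if (r < 0) return r;` would let the failure propagate; if it is intended, a one-line comment on the `return 0;` saying why the error is dropped would make that explicit. The rest of create_item() lies outside the hunk, so how its return value is consumed cannot be confirmed from here.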
@@ -808,15 +818,19 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) {
 goto finish;
 }
- if (type != CREATE_FILE &&
- type != TRUNCATE_FILE &&
- type != CREATE_DIRECTORY &&
- type != TRUNCATE_DIRECTORY &&
- type != CREATE_FIFO &&
- type != IGNORE_PATH &&
- type != REMOVE_PATH &&
- type != RECURSIVE_REMOVE_PATH &&
- type != RECURSIVE_RELABEL_PATH) {
+ switch(type) {
+ case CREATE_FILE:
+ case TRUNCATE_FILE:
+ case CREATE_DIRECTORY:
+ case TRUNCATE_DIRECTORY:
+ case CREATE_FIFO:
+ case IGNORE_PATH:
+ case REMOVE_PATH:
+ case RECURSIVE_REMOVE_PATH:
+ case RELABEL_PATH:
+ case RECURSIVE_RELABEL_PATH:
+ break;
+ default:
 log_error("[%s:%u] Unknown file type '%c'.", fname, line, type);
 r = -EBADMSG;
 goto finish;
-- 2.39.5